CVS Health, the parent company of Signify Health, is increasing investments in digital, data, analytics and technology and Signify Health is excited to be involved!
We are hiring for a dynamic new initiative for CVS Health that will run out of our state-of-the-art offices at Bonham Quay.
This is your opportunity to be involved with a pioneering business that is transforming health care in the United States by making customer experiences more seamless, convenient and personalised.
CVS Health is focused on driving business agility and growth through technology, data, digital and experiential innovations.
'Digital First, Technology Forward and Data Driven' is not simply an aspirational goal for the company, but a prerequisite to accelerated growth.
Bring your heart to CVS Health.
Every one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health.
This purpose guides our commitment to deliver enhanced human-centric health care for a rapidly changing world.
Anchored in our brand - with heart at its center - our purpose sends a personal message that how we deliver our services is just as important as what we deliver.
Our Heart At Work Behaviors support this purpose.
We want everyone who works at CVS Health to feel empowered by the role they play in transforming our culture and accelerating our ability to innovate and deliver solutions to make health care more personal, convenient and affordable.
As we reflect on our learnings and successes from remote work, we aim to provide a new state of the art flexible work environment in our Galway facility at Bonham Quay to support those objectives.
Careers with offer flexible work arrangements and individuals who live and work in the Republic of Ireland will have the opportunity to divide their time between our Galway office and their home office.
Who You Are Experienced in building and leading high-performance offensive security teams focused on adversary simulations, vulnerability exploitation, and proactive threat assessments.
Strong expertise in identifying, analyzing, and simulating advanced attack techniques, with a deep understanding of adversarial tactics, techniques, and procedures (TTPs).
Skilled in creating and executing adversary simulation frameworks that leverage red teaming, penetration testing, and exploitation methodologies to rigorously test and challenge security defenses.
A leader in next-generation offensive security approaches, leveraging AI, machine learning, and automation to conduct simulated attacks and assess system resilience.
Proven ability to foster cross-functional collaboration between security, IT, and business teams, ensuring offensive security insights align with broader security objectives and support overall organizational resilience.
Experienced in developing key security metrics (KPIs/KRIs) to track the effectiveness of offensive security strategies, continuously improving vulnerability management and attack response processes.
Role Responsibilities Adversary Simulation & Offensive Strategy Lead the development and execution of offensive security and adversary simulation strategies, utilizing cutting-edge techniques to identify, test, and exploit vulnerabilities.
Build and maintain red teaming frameworks that leverage MITRE ATT&CK, Cyber Kill Chain, and OWASP frameworks, alongside tools such as Metasploit, Cobalt Strike, and custom-built solutions, to rigorously evaluate security defenses.
Continuously assess and update offensive strategies based on evolving threat landscapes, ensuring that the organization remains prepared against sophisticated attack vectors.
Implement simulation techniques for advanced AI and machine learning-based attacks, adversarial AI exploitation, and model abuse to proactively identify potential system weaknesses.
Vulnerability Exploitation & Penetration Testing Oversee the implementation and continuous improvement of the organization's penetration testing and vulnerability exploitation capabilities, ensuring thorough assessment of systems and applications.
Develop and execute offensive testing strategies that uncover security gaps and vulnerabilities across cloud, on-prem, and hybrid environments.
Lead the development of playbooks, testing methodologies, and automated workflows to enhance the team's ability to simulate and execute realistic attack scenarios.
Next-Generation Attack Simulation & Automation Leverage artificial intelligence, machine learning, and automation to conduct sophisticated attack simulations and improve the efficacy of offensive security operations.
Implement advanced adversary simulation techniques, such as automated red teaming, deception bypass, and behavioral analytics, to simulate real-world attack scenarios and gauge defense effectiveness.
Drive the adoption of next-generation offensive security tools, including SOAR platforms and adversary emulation solutions, to scale red teaming efforts and ensure comprehensive attack surface testing.
Drive the creation of custom offensive security tools and frameworks, ensuring scalability and tailored testing to meet unique organizational requirements.
Threat Intelligence & Collaborative Defense Collaborate with threat intelligence teams to incorporate emerging threat data into adversary simulations, ensuring up-to-date representation of adversary TTPs.
Establish a continuous feedback loop with blue teams, sharing offensive security insights to enhance defense mechanisms, improve detection strategies, and strengthen overall security posture.
Drive collaboration across the organization to ensure offensive security findings are aligned with business goals and contribute to robust security controls.
Qualifications 10+ years of experience in leading offensive security or red teaming operations, with a significant portion in a senior leadership role.
A minimum of a Bachelor's degree in Computer Science, Information Security, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required.
Industry certifications such as OSCP, OSCE, OSEP, GPEN, or GXPN are highly preferred.
Additional certifications in cloud security, such as GCP Cloud Security Engineer, AWS Certified Security, or Azure Security Engineer, are a plus but not required.
Strong expertise in red teaming, penetration testing, and adversary simulation frameworks, with knowledge of exploit development and attack methodologies.
Experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell, with a focus on automation for offensive operations.
Proven ability to leverage automation, AI, and machine learning to enhance offensive security testing and vulnerability exploitation processes.
Experience with offensive security tools, such as Metasploit, Cobalt Strike, Burp Suite, and custom scripting.
Strong technical expertise with offensive testing techniques across cloud, on-prem, and hybrid environments.
Demonstrated ability to lead high-performing teams, cultivate talent, and foster a collaborative culture that drives innovation and excellence in offensive security.
To Apply Please forward your CV via the APPLY Now button below.