You could be the one who changes everything for our 28 million members by using technology to improve health outcomes around the world. As a diversified, national organization, Centene's technology professionals have access to competitive benefits including a fresh perspective on workplace flexibility.

Position Purpose:

This Senior Adversarial Emulation Operator (Red Team) position is responsible for participating in, and providing inputs to, the planning and scoping of red team operations and purple team exercises; hands-on execution of engagements, contributing to reporting and debriefing, and conducting Proof of Concept exploits around vulnerabilities. You will play an integral part of Centene's Cyber Defense and Operations' (CDO) goal to work collaboratively as we ensure processes, procedures, and controls are tested, ensuring advanced corporate-wide security solutions are ready to protect our enterprise.

• Plan, coordinate, and execute red team exercises to identify vulnerabilities, control gaps, and potential attack vectors in Centene information systems on prem and in cloud environments.

• Work closely with the blue team to test detections, as needed, to validate operational concepts and findings.

• Work with the blue team and threat intel to conduct ongoing purple team exercises, sharing insights and knowledge to improve overall security posture.

• Develop and refine supporting processes for all red team activities, including standard operating procedures and playbooks.

• Stay up to date with the latest security threats, vulnerabilities, and attack techniques.

• Research and experiment with new tools and methodologies to improve the Red Team's capabilities.

• Recommend training based on operation and exercise findings.

• Provide mentorship for Adversarial Emulation Operators I and II.

• Ability to work cooperatively and professionally with co-workers, customers, and management on a daily basis, either remotely or in person.

• Well versed with security tools & C2 frameworks such as Cobalt Strike, Brute Ratel, Metasploit, Mythic, Sliver etc.

• Experience with threat detection, incident response, and implementing or developing mitigating controls in a medium to large enterprise environment.

• Ability to independently conduct every phase of a red team exercise on your own without guidance or supervision.

• Strong understanding of exploitation of Microsoft platforms used in the enterprise environment such as Windows Server, Windows 10/11, Active Directory, Certificate Services, Azure, etc.

Education/Experience:

A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science).

Requires 4 – 6 years of related experience.

Or equivalent experience acquired through accomplishments of applicable knowledge, duties, scope and skill reflective of the level of this position.

Technical Skills:

• 3+ years hands-on technical red team, pen test, or purple team.

• Hands-on experience with using modifying and customizing penetration testing and red teaming software frameworks (Cobalt Strike, Brute Ratel, Mythic, etc.) to meet operational requirements.

• Experience in professionally delivering technical and executive-level red team reports and briefings.

• Ability to independently research new vulnerabilities in software products.

• Familiar with fundamentals of software exploitation on modern operating systems and cloud environments.

Soft Skills:

• Intermediate - Seeks to acquire knowledge in area of specialty

• Intermediate - Ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions

• Intermediate - Ability to work independently

• Intermediate - Demonstrated analytical skills

• Intermediate - Demonstrated project management skills

• Intermediate - Demonstrates a high level of accuracy, even under pressure

• Intermediate - Demonstrates excellent judgment and decision making skills

License/Certification:

• Desired, but not required based off previous training and hands-on experience:

• Global Information Assurance Certification (GIAC)

• Offensive Security Certified Professional (OSCP)

• Offensive Security Wireless Professional (OSWP)

• Offensive Security Certified Expert (OSCE)

• Offensive Security Exploitation Expert (OSEE)

• Offensive Security Web Expert (OSWE)

• ZeroPointSecurity (CRTO)

Pay Range: $83,600.00 - $155,000.00 per year

Centene offers a comprehensive benefits package including: competitive pay, health insurance, 401K and stock purchase plans, tuition reimbursement, paid time off plus holidays, and a flexible approach to work with remote, hybrid, field or office work schedules. Actual pay will be adjusted based on an individual's skills, experience, education, and other job-related factors permitted by law. Total compensation may also include additional forms of incentives.

Centene is an equal opportunity employer that is committed to diversity, and values the ways in which we are different. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other characteristic protected by applicable law.