Job Title:  Lead Red Team Security Engineer

Department:  Information Security

Location:  Remote or Hybrid (Grand Rapids, MI)

About Acrisure

Acrisure is a global Fintech leader that combines the best of humans and high tech to offer multiple financial products and services to millions of businesses and individual clients. We connect clients to solutions that help them protect and grow what matters, including Insurance, Reinsurance, Cyber Services, Mortgage Origination and more.

Acrisure employs over 17,000 entrepreneurial colleagues in 21 countries and have grown from $38 million to $4.3 billion in revenue in just over ten years. Our culture is defined by our entrepreneurial spirit and all that comes with it: innovation, client centricity and an indomitable will to win.

Responsibilities:

Red Team Strategy and Planning: Develop and implement a comprehensive Red Team strategy aligned with the organization's security objectives. Define the scope, goals, and methodologies for Red Team engagements.Red Team Operations: Lead the planning, execution, and reporting of Red Team assessments. Conduct in-depth reconnaissance, exploit vulnerabilities, and simulate advanced attack scenarios to test the effectiveness of existing security controls.Vulnerability Identification and Reporting: Document identified vulnerabilities and provide detailed technical reports with actionable recommendations for remediation. Collaborate with Security Operations and other IT teams to ensure timely and effective mitigation of identified risks.Tool and Technique Development: Research, develop, and maintain custom tools and techniques to enhance Red Team capabilities and stay ahead of emerging threats.Threat Intelligence and Research: Stay abreast of the latest cyber-attack techniques, threat actors, and industry trends. Incorporate relevant threat intelligence into Red Team operations.Team Building and Mentorship: Recruit, train, and mentor a team of Red Team security professionals. Foster a culture of collaboration, innovation, and continuous learning.Cross-functional Collaboration: Work closely with Security Operations and other teams to ensure a cohesive and effective security program.

Education/Experience:

Extensive experience in Red Team operations, penetration testing, or ethical hacking. A strong understanding of attack methodologies, tactics, techniques, and procedures (TTPs).Deep knowledge of network security, application security, operating systems, and cloud security. Proficiency in scripting languages and security tools.Excellent leadership, communication, and interpersonal skills. Ability to build and motivate a team. Effective communication of technical findings to both technical and non-technical audiences.Strong analytical and problem-solving skills. Ability to think creatively and identify innovative solutions to complex security challenges.Relevant certifications such as OSCP, OSCE, GPEN, or GXPN are highly desirable.A strong passion for cybersecurity and a desire to make a difference in protecting the organization's critical assets.

  

Benefits & Perks:

Competitive CompensationIndustry Leading HealthcareSavings and InvestmentsCharitable Giving ProgramsOffering hybrid work option           Opportunities for GrowthParental LeaveGenerous time away

Acrisure is committed to making an impact in our communities by giving back, with millions committed to children’s health with Helen Devos Children’s Hospital and UPMC Children's Hospital of Pittsburgh.

For more, visit www.Acrisure.com  or learn more here.

#LI-CH1 #LI-Remote

                                                                                              

Acrisure is committed to employing a diverse workforce. All applicants will be considered for employment without attention to race, color, religion, age, sex, sexual orientation, gender identity, national origin, veteran, or disability status.  California residents can learn more about our privacy practices for applicants by visiting the Acrisure California Applicant Privacy Policy available at www.Acrisure.com/privacy/caapplicant.
 

To Executive Search Firms & Staffing Agencies: Acrisure does not accept unsolicited resumes from any agencies that have not signed a mutual service agreement. All unsolicited resumes will be considered Acrisure’s property, and Acrisure will not be obligated to pay a referral fee. This includes resumes submitted directly to Hiring Managers without contacting Acrisure’s Human Resources Talent Department.