Senior Adversary Operations Engineer
9025 CVS Shared Services Resources LLCWe’re building a world of health around every individual — shaping a more connected, convenient and compassionate health experience. At CVS Health®, you’ll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger – helping to simplify health care one person, one family and one community at a time.
Position Summary
The Senior Adversary Operations Engineer plays a critical role in strengthening the organization’s security posture by executing advanced penetration testing and adversary simulation activities that uncover high‑risk vulnerabilities across enterprise, cloud, identity, API, and application environments. This role operates with a high degree of autonomy, leading engagements end‑to‑end from scoping through execution, reporting, and remediation guidance while maintaining a strong focus on real‑world exploitability and business impact. By developing and chaining sophisticated attack paths, the engineer delivers clear, actionable insights that enable leadership to make informed, risk‑based decisions and prioritize remediation aligned to business objectives.
Beyond identifying weaknesses, this role directly improves the organization’s detection and response capabilities. Through close collaboration with detection engineering, SOC, and incident response teams, the Senior Adversary Operations Engineer translates offensive findings into measurable defensive enhancements, including improved telemetry, alerting, and response workflows. Leveraging threat intelligence and continuously refining adversary tradecraft, the role ensures testing remains aligned with evolving attacker behavior while supporting incident investigations and post‑event analysis contributing to a more resilient, intelligence‑driven security program.
Role Responsibilities:
Penetration Testing & Adversary Emulation
- Conduct internal and external penetration tests to identify and exploit vulnerabilities.
- Develop and execute adversary emulation scenarios to assess the effectiveness of the organization’s detection and response capabilities.
- Utilize and maintain a comprehensive suite of penetration testing tools, including Kali Linux, Metasploit, Nmap, and custom scripts.
- Create detailed reports with findings and actionable recommendations
- for remediation.
Collaboration & Purple Teaming
- Work closely with blue teams to design and execute purple team exercises that bridge offensive and defensive security efforts.
- Provide actionable insights to improve security monitoring, alerting, and incident response based on penetration testing results.
- Facilitate knowledge-sharing sessions to upskill internal teams on adversary tactics, techniques, and procedures (TTPs).
Security Strategy & Risk Management
- Contribute to the development of a comprehensive adversary operations strategy aligned with organizational risk management goals.
- Provide executive leadership with detailed reports on security gaps, risks, and the effectiveness of security controls.
- Prioritize remediation efforts based on risk impact and operational feasibility.
Tool Development & Automation
- Automate common penetration testing tasks using Python, PowerShell, or Bash scripting to increase efficiency.
- Contribute to the development of custom tools for red teaming and penetration testing.
Incident Response Support
- Assist the incident response team by providing adversary tactics insights during active investigations.
- Collaborate on developing threat-hunting use cases and refining detection capabilities based on attack simulations.
Required Qualifications
- 5+ years of hands-on experience in penetration testing, red teaming, or offensive security.
- 3+ years of experience in Kali Linux, Metasploit, Nmap, Burp Suite, and/or other related tools.
- 3+ years of experience in scripting languages (Python, PowerShell, Bash,etc).
- 3+ years of experience with cloud security (AWS, Azure, GCP) and container security.
Preferred Qualifications
- Relevant certifications such as OSCP, OSCE, CISSP, CEH, or GPEN.
- Experience in managing or participating in purple team exercises.
- Familiarity with compliance standards like PCI-DSS, HIPAA, or ISO 27001.
- Strong understanding of security frameworks such as MITRE ATT&CK, NIST, and CIS.
- Strong communication skills with the ability to translate complex security issues to non-technical stakeholders.
Education
- Bachelor’s degree or equivalent experience (High School Diploma and 4 years relevant experience)
Anticipated Weekly Hours
40Time Type
Full timePay Range
The typical pay range for this role is:
$83,430.00 - $222,480.00This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.
Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.
Great benefits for great people
We take pride in offering a comprehensive and competitive mix of pay and benefits that reflects our commitment to our colleagues and their families.
Additional details about available benefits are provided during the application process and on Benefits Moments.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.