Remote - Offensive Security Engineer

SimSpace launched in 2015 with a singular purpose – addressing the most urgent and sophisticated cybersecurity challenges to reduce risk for our most vulnerable and valuable infrastructure. The organizations around the world that we depend on every day to keep our loved ones safe and secure include healthcare facilities, schools, financial institutions, transit centers, grocery stores, and workplaces. To deliver global resiliency, we provide an elite cyber range platform to curate unassailable cyber defenses, data-driven decisions, cutting-edge training labs, live attack scenarios, and extensive individual and dynamic team readiness training.

SimSpace works as OneTeam to elevate humanity around the world. We are committed to continuously improving and delivering a cultivated member experience through supporting our client’s teams and our mission-driven SimSpacers.

We are an international company headquartered in Boston's Fort Point in the U.S. If you are interested in elevating the technology and creative solutions necessary to secure and safeguard our future while working alongside others who share your passion for purpose and development, we want to meet you!

Why should you choose a career at SimSpace?

We are focused on building our culture and enhancing our atmosphere every day, which is why we have collaborated on an integral value system. Our governing philosophy of being Human Centered is deeply embedded within our value system, applied to every one of our internal team members, external clients, and their customers.

Our core values:

• Serve to Protect – We provide safe space, deliver on the mission, and elevate humanity.
• Acquire Understanding – We seek and provide clarity, cultivate comprehension, and believe information goes both ways.
• Operate as Innovators – We stay curious, practice consistency over intensity, and continue to be the change we need in the world.
• Teamwork Without Borders – We are never alone, we solve for all, and keep people at the heart of everything we do.

We are looking for:

An Offensive Security Engineer to work on the Scenario Development team, which includes the development, deployment, integration, and automation of various components within the SimSpace Platform. Existing experience with penetration testing suites such as Metasploit, Cobalt Strike, and similar C2 frameworks is preferred, but not required. As an Offensive Security Engineer, you will have the opportunity to work with distributed systems, ensuring that each component and the system as a whole reliably emulate real-world threat actors at each step in the kill chain. The Scenario Development team is charged with creating advanced, compelling automated attack scenarios for use in the SimSpace Platform.

SimSpace is growing its portfolio of offensive security content by integrating external tools as well as creating our own APT-inspired campaigns. We deliver a catalog of automated attack scenarios and the ability to create new attack components and scenarios from scratch, emulating a wide range of adversary behaviors. The SimSpace Platform provides full control of multi-step attacks along with detailed visualization and reporting. SimSpace follows the Agile process for development and utilizes modern toolchains and methods to develop our frameworks and services in teams.

What will you be doing as an Offensive Security Engineer at SimSpace?

• Research, implement, integrate, and automate new attack content (attack tools, attack scenarios, etc.) into the Scenario Development portfolio.
• Perform end-to-end testing of attack content to ensure functionality in common environments and the ability to evade common defensive tools.
• Collaborate with our passionate software developers on the Offensive Engineering team to ensure that the Scenario Development team’s work is representative and useful during a variety of customer event types.

• Understanding of tactics and techniques used during offensive network operations and the ability to modify them to subvert defensive countermeasures.
• Demonstrable experience emulating real-world cyber threats, covering full attack chains and the application of threat intelligence.
• Professional experience in Python 3, PowerShell, or other scripted languages (Ruby, Bash, Batch, PHP, etc.) and compiled languages (C/C++, Golang, etc.).
• Demonstrated experience with distributed systems, communication frameworks (RESTful API and rMQ), network protocols and configuration, data handling, and the proper use of security constructs.
• General cybersecurity knowledge including familiarity with industry standards like MITRE ATT&CK and D3FEND, the NIST Cybersecurity Framework, STIX/TAXII, and OpenIOC.
• Experience with defensive tools/techniques such as industry-standard host-based, network analysis, incident response, and forensics tools.
• Experience with the commonly-used attack frameworks (Metasploit, Cobalt Strike, CANVAS, Empire, Core Impact, etc.).
• Relevant certifications from organizations like Offensive Security (OSCP/OSCE), or SANS (GPEN, GXPN, GWAPT), or equivalent experience with demonstrable requisite skills is a bonus.
• Fluent with Git, GitHub, Docker, CI/CD and modern team software development and testing tools and practices, including Secure SDLC approaches.
• Experience working with virtualization solutions.

Additional skills:

• Strong verbal and written communication skills.
• Ability to think “outside the box,” tying together capabilities to build resilient automated processes.
• Proficiency in conceptualizing and implementing automated solutions and distributed systems.
• Experience in developing robust, high-quality software that adheres to best practices in design, implementation, instrumentation, and security.
• Self-starter who is highly motivated, accepting of others' opinions/feedback, and can work effectively in a team.

We’re proud to offer a competitive and comprehensive package designed to support your well-being, growth, and success:

• Compensation: Base salary range: $110,000 - $140,000, reflecting our confidence in your expertise and impact, with the opportunity for annual bonuses tied to company performance and individual contributions.
• Health & Wellness: Comprehensive medical, dental, and vision benefits, plus savings plans—coverage starts on day one!
• Mental Health Support: Access to company-paid counseling, coaching, and resources for you and your family through Spring Health.
• Financial Well-Being: Plan for your future with a 401(k)-retirement savings plan featuring a company match.
• Flexible Time Off: Take the time you need with unlimited vacation and dedicated health & wellness days. SimSpace provides flexible solutions to meet the diverse work-life needs of team members.
• Parental Leave: Paid leave plans to support you and your loved ones during life’s most important moments.
• Ownership Opportunities: Equity stock options at hire, with annual performance-based grants—become an invested stakeholder in our shared success.
• Referral Rewards: Earn $1,500–$3,500 for every qualified hire through our employee referral program.
• Peloton Interactive Wellness Program: Full- and partial-subsidized membership plans and equipment discounts to help you reach your personalized fitness goals.
• Continuous Learning: Access a LinkedIn Learning membership to prioritize your personal and professional development.
• Social Connections: Monthly reimbursements for meaningful connections with teammates through our SocialSpace Community.
• Extra Perks: Legal plan coverage, pet insurance, wellness reimbursements, and more to simplify life’s details.

Join SimSpace and enjoy benefits that enhance your career, health, and happiness!

SimSpace is an Equal Opportunity Employer:

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

SimSpace does not and shall not discriminate based on race, color, religion (creed), gender, gender expression and identity, age, national origin (ancestry), disability, marital status, sexual orientation, or military/veteran status, in any of its activities or operations. We are committed to providing an inclusive and welcoming environment for all members of our staff, clients, volunteers, subcontractors, vendors, and clients.

Research shows that women and people from underrepresented groups only apply to jobs if they meet all of the qualifications. However, no one ever meets 100% of the qualifications. SimSpace encourages you to break that statistic and to apply. We look forward to your application!

SimSpace does not accept unsolicited resumes from employment agencies.

Actual compensation for the position is based on a variety of factors, including, but not limited to affordability, skills, qualifications, and experience, and may vary from the range.