Apply on Employer Site

Horizon3.ai · 2 hours ago

Director, Engineering - Proactive Offense

United States

Full-time

Remote

Director/Executive

$245K/yr - $285K/yr

Horizon3.ai is a fast-growing, remote cybersecurity company focused on proactively identifying and addressing exploitable attack vectors. The Director of Software Engineering – Offensive Security will lead the strategy, design, and development of NodeZero’s offensive capabilities, managing multiple engineering teams and driving innovation in autonomous attack content and exploit development.

Artificial Intelligence (AI)Cyber SecurityEnterprise SoftwareMachine LearningNetwork Security

Responsibilities

Lead and scale Horizon3.ai’s Offensive Engineering organization, overseeing teams responsible for exploit development, offensive content, and attack automation within the NodeZero platform

Partner closely with Product, Precision Defense, and Platform teams to define and deliver offensive capabilities that directly influence the roadmap and enhance customer outcomes

Stay hands-on enough to guide architectural decisions and evaluate complex exploit and automation approaches

Build, mentor, and scale diverse teams of software engineers, exploit developers, and offensive researchers

Collaborate across engineering, product, and GTM teams to align offensive innovation with business priorities, and ensure delivery of measurable, impactful capabilities for customers

Qualification

Offensive security techniquesExploit developmentSoftware developmentSystem architectureCloud infrastructureCI/CD practicesB2B SaaS experienceOffensive security certificationsAnalytical skillsLeadership skillsCollaboration skillsCommunication skills

Required

Proven experience leading and scaling engineering teams in offensive or cybersecurity product development, ideally within a fast-paced startup or growth-stage environment

Strong technical background in software development and system architecture, with hands-on experience in offensive security domains such as exploit development, vulnerability research, attack automation, or red teaming

Demonstrated success taking offensive capabilities or SaaS products from concept to market, including driving POCs, MVPs, and production launches

Deep understanding of distributed systems, automation pipelines, and large-scale SaaS platforms, with the ability to guide architectural and design decisions

A product-oriented mindset, skilled at balancing technical excellence, customer impact, and speed to market

Exceptional leadership and collaboration skills—experienced in managing managers, aligning cross-functional teams, and partnering effectively with Product and GTM stakeholders

Excellent analytical, communication, and storytelling abilities—capable of translating complex offensive engineering concepts into clear, actionable direction

High degree of initiative and ownership; creative, detail-oriented, and results-driven

Bachelor's or Master's degree in Computer Science, Engineering, or a related field (or equivalent experience)

Deep expertise in offensive security techniques, frameworks, and tooling (e.g. Metasploit, Cobalt Strike, Sliver, or custom exploit frameworks)

Proficiency in at least one modern object-oriented programming language such as Python, Go, C++, or C#, with experience building and maintaining large-scale software systems

Strong understanding of vulnerability research, exploit development, and post-exploitation automation, with the ability to translate offensive tradecraft into scalable product capabilities

Solid grasp of platform design, system architecture, and automation pipelines, including CI/CD, containerization, and infrastructure-as-code principles

Experience with cloud infrastructure and services (AWS, Azure, GCP), as well as modern DevOps and observability practices

Deep familiarity with network protocols, multiple operating systems (Windows, Linux, macOS, Kali, Ubuntu), and common enterprise technologies

Hands-on experience building or leading engineering for B2B SaaS or security platforms, ideally within a cyber or offensive security company

Working knowledge of databases (PostgreSQL, Neo4j, or similar) and data flow design

Awareness of cybersecurity industry standards and trends, with an ability to bridge technical and product perspectives