Information Security Operations Analyst II at JM Family Enterprises is responsible for designing, building, and scaling offensive security capabilities through adversary‑focused testing, attack simulation, and the development of custom tooling and automation.

They will support transformation of offensive security program from a predominantly tool‑ and vendor‑driven model to a build‑first approach, leveraging software engineering, automation, and AI‑assisted techniques to improve the coverage, depth, and repeatability of offensive security activities.

Responsibilities include but are not limited to:

• Conduct offensive security activities including penetration testing, attack simulations, threat‑based assessments, and control validation across on‑prem, cloud, identity, and SaaS environments.

• Execute and assist in the development of red team and purple team exercises, collaborating with detection and response teams to validate defensive coverage.

• Perform vulnerability and exploitation analysis, including chaining weaknesses to demonstrate real‑world attack paths and business risk.

• Identify, validate, and responsibly disclose security weaknesses to stakeholders, providing clear remediation guidance and risk context.

• Design, develop, and maintain custom offensive security tooling (Python, PowerShell, Bash, or similar), including frameworks, reusable modules, and automation that scale testing beyond point‑in‑time assessments.

• Evaluate when to build versus buy offensive security capabilities, with a bias toward internal tooling where it improves flexibility, visibility, or speed of iteration.

• Incorporate AI‑assisted techniques (e.g., automation, chaining analysis, signal prioritization) to increase testing efficiency and analyst leverage.

• Contribute documentation such as test reports, playbooks, findings templates, and executive‑level summaries.

• Contribute to the long‑term architecture of the offensive security program, including shared libraries, testing pipelines, data models, and reporting outputs optimized for reuse and scale.

• Mentor junior analysts and contribute to team knowledge sharing.

• Partner with application and platform engineering teams not only to test systems, but to co‑design secure patterns, reference implementations, and reusable testing components.

• Build developer‑consumable assets (templates, scripts, sample exploits, safe test harnesses) that enable teams to self‑validate security assumptions earlier in the SDLC.

• Provide developer‑friendly remediation guidance, proof‑of‑concepts, and secure coding recommendations that are actionable and aligned to real‑world development workflows.

• Support the integration and tuning of security testing tools within CI/CD pipelines, balancing detection depth with developer experience and signal quality.

• Collaborate with Security Engineering and Application teams to improve self‑service security capabilities, documentation, and testing patterns that developers can reuse.

• Participate in post‑testing debriefs with developers to educate, coach, and improve security outcomes—not just report findings.

Qualifications:

• Hands‑on experience with penetration testing, red team, purple team, or adversary emulation activities.

• Strong understanding of Windows, Active Directory, Azure/Entra ID, networking, cloud platforms, and SaaS architectures.

• Experience with common offensive security tools and frameworks (e.g., C2 frameworks, vulnerability scanners, exploit frameworks).

• Knowledge of MITRE ATT&CK, kill chains, and attacker tradecraft.

• Experience validating security controls such as EDR, SIEM, identity protections, email security, and cloud security controls.

• Strong scripting and automation skills; ability to customize or build tools to support testing objectives.

• Ability to translate technical findings into clear risk‑based narratives for technical and non‑technical audiences.

• Strong analytical, problem‑solving, and critical‑thinking skills.

• Ability to work independently while collaborating effectively in cross‑functional teams.

• High attention to detail with a strong sense of ethics and responsible disclosure.

• Experience working directly with software engineers to remediate vulnerabilities and improve secure development practices.

• Understanding of modern SDLC and CI/CD pipelines, including how security testing fits into developer workflows.

• Familiarity with secure coding practices and common vulnerability classes in modern applications (web, APIs, cloud‑native services).

• Ability to communicate security findings in a way that developers can quickly understand, prioritize, and fix.

• Mindset oriented toward enablement over enforcement, with a focus on reducing friction while improving security outcomes.

• Background in software engineering, platform engineering, or SRE, with a desire to specialize in security.

• Experience designing or maintaining production‑quality code, not just scripts.

• Comfort working with APIs, data pipelines, CI/CD systems, and cloud‑native services as part of security capability development.

• Curiosity and practical interest in applying AI/ML‑assisted techniques to security testing, automation, and analysis.

#LI-AM1

#LI-HYBRID