Sr. AI Red Team Engineer
Role details
Job location
Tech stack
Job description
In this role, you will design, execute, and evolve advanced adversarial simulation campaigns to test Moderna's cyber resilience across corporate, laboratory, and manufacturing environmentswith a focus on AI and the attack surface it exposes.
You will act as a hands-on operator, building and running end-to-end offensive campaigns - frominitialreconnaissance to network exploitation and post-exploitation within high-value segments like lab,OT systems, cloud, and AI infrastructure.
This role reports to theRed Team Program Leadand worksvery deeply and closelywith Incident Response, Threat Intelligence, and Detection Engineering to convert findings into durable defenses.The primary output of the program focuses on buildingdefenses,detections that result in prevention of real adversarial tradecraft.
Your mission:identify, emulate, and weaponize attacker tradecraft before real adversaries doagainst Moderna.
Here's WhatYou'llDo:
- Plan, execute, and document full-spectrum red team operations targeting digital, physical, and hybrid environments.
- Develop andmaintainoffensive toolchains and infrastructure for covert operations (C2 frameworks, payload obfuscation, cloud-based staging, and beacon management).
- Conduct external-to-internal attack simulations.
- Collaborate with detection and incident response teams to measure time-to-detect, time-to-contain, and overall detection efficacy.
- Build andmaintaincustom scripts and exploits using Python, PowerShell, and other languages to simulate real adversary TTPs.
- Perform adversary emulation based on threat intel tied to biotech, pharma, and critical manufacturing sectors.
- Lead post-operation technical debriefs with IR and Threat Intel to derive new detection opportunities and security controls.
- Contribute to the development of internal red team maturity, progressing toward a continuous red team model.
Requirements
- 4+ yearsincybersecurity with deep experience in red teaming, offensive security, or adversary simulation.
- Proven ability to conduct end-to-end attack chains, including initial access, lateral movement, privilege escalation, and data exfiltration.
- Expertisein network penetration testing, Active Directory exploitation, cloud attacks (Azure, AWS, O365), endpoint evasion, and AI systems.
- Experience targeting OT or lab-connected systems is a plus.
- Experience with modern AI based attacks and how toleveragethem in a longer attack path.
- Strong knowledge of MITRE ATT&CK, C2 frameworks, and offensive tooling.
- Familiarity with purple team methodologies and integrating offensive results into defensive playbooks and detections.
- OPSEC discipline and experience running stealth operations under blue team monitoring.
- Solid scripting and automation skills in at least one major language (Python, PowerShell, Bash, or Go).
Here's WhatYou'llBring to the Table (Preferred Qualifications)
- Preferred certifications: OSCP, OSEP, OSED, CRTO, or equivalent hands-on offensive credentials.
- Ability to communicate complex offensive findings clearly to both technical engineers and executive stakeholders.
Benefits & conditions
At Moderna, we believe that when you feel your best, you can do your best work. That's why our benefits and well-being resources are designed to support you-at work, at home, and everywhere in between.
- Competitive healthcare, plus voluntary benefit programs to support your unique needs
- A holistic approach to well-being, with access to fitness, mindfulness, and mental health support
- Family planning benefits, including fertility, adoption, and surrogacy support
- Generous paid time off, including vacation, volunteer days, sabbatical, global recharge days, and a discretionary year-end shutdown
- Savings and investments to help you plan for the future
- Location-specific perks and extras
The salary range for this role is $145,900.00 - $234,200.00(for positions that may be performed in California, the expected salary range is $0.00 - $0.00, which reflects the range permitted under California Labor Code requirements) . This is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting. An individual's position within the salary range will be based on several factors including, but not limited to, specific competencies, relevant education, qualifications, certifications, experience, skills, performance, and business or organizational needs.
The successful candidate may be eligible for an annual discretionary bonus, other incentive compensation, or equity award, subject to company plan eligibility criteria and individual performance.