Offensive Fraud Engineer

Your responsibilities will include conducting red team operations that simulate real-world fraud attacks, contributing to purple team strategies with fraud prevention teams, and performing in-depth research on fraudster tactics, techniques, and procedures (TTPs). Building the Capability: Define and establish the offensive fraud engineering function from the ground up, including developing the team's mission, scope, methodologies, and operating procedures. Create the foundational playbooks, testing frameworks, and toolsets that will enable sustainable red team operations against fraud systems. You will collaborate with leadership to build the team roadmap, define success metrics, and secure resources for team growth. Recruit, interview, and mentor additional team members, establishing a culture of technical excellence, ethical hacking, and collaborative partnership with fraud prevention stakeholders. Technical Execution: Plan and execute red team engagements simulating real-world fraud attacks to expose gaps in fraud detection and prevention systems. Develop and deploy fraud attack simulations, including account takeover scenarios, synthetic identity fraud, payment manipulation, and automated bot attacks. You will collaborate closely with fraud operations, data science teams, and InfoSec to develop purple team strategies that continuously refine both offensive techniques and defensive capabilities. Required: 6+ years of experience in offensive security, cybercrime, cyber-fraud, or related areas Demonstrated experience building security capabilities or teams from inception Leadership experience coordinating technical activities and influencing cross-functional stakeholders Experience conducting red team engagements with fraud-related techniques (account manipulation, payment fraud simulation, data exfiltration) Proficiency in attack automation and tool development In-depth familiarity with the cybercrime and cyber-fraud environment Proficiency in multiple programming languages and both Linux and Windows environments Strategic thinking and entrepreneurial mindset Published security or fraud research (tools, papers, exploit analysis) Experience as a founding member or early hire in security teams Knowledge of network protocols, traffic analysis, and fraud detection technologies (SIEM, EDR, anti-fraud engines) Experience with big data platforms (Splunk, Hadoop) and machine learning approaches to fraud detection Knowledge of payment systems, digital wallets, and e-commerce fraud vectors Industry certifications (OSCP, OSCE, GPEN, GXPN) Track record of influencing security strategy at the organizational level