Offensive Security Engineer, Technical Lead (In Office or Remote)

Introduction

At Freddie Mac, our mission of Making Home Possible is what motivates us, and it’s at the core of everything we do. Since our charter in 1970, we have made home possible for more than 90 million families across the country. Join an organization where your work contributes to a greater purpose.

Position Overview

We’re looking for an Offensive Security Engineer who excels at navigating ambiguity, uncovering weaknesses, and engineering solutions that elevate our security posture. You’ll combine technical ingenuity with practical problem‑solving, developing automation, tools, and methods that drive meaningful risk reduction.

Our Impact

Freddie Mac's Information Security team is responsible for continuously testing the overall strength of our organization’s defenses (across all people, process, & technology) by simulating the objectives and actions of an attacker.

Your Impact

In this role, you will contribute to a collaborative team as a subject matter expert focusing on advanced offensive security. You will design and implement AI-powered security tools, proactively address vulnerabilities, and champion secure engineering practices across the organization.

What to Expect

• Execute sophisticated red team assessments across diverse attack surfaces.
• Partner with internal stakeholders to define engagement scope, success criteria, and translate complex technical findings into actionable business risk narratives.
• Research, develop, and maintain cutting-edge offensive security tools and automation frameworks to enhance team capabilities and operational efficiency.

Qualifications

• 8+ years of relevant experience.
• Proven ability to critically examine applications and identify, exploit, and remediate complex vulnerabilities.
• Proven ability to create automation workflows that scale to enterprise environments.
• Demonstrated expertise in bypassing modern defensive controls and security measures to achieve assessment objectives.
• Demonstrate proficiency in chosen domain using public research, personal blog, active projects, bug bounty, and public disclosures.
• Must be willing to work east coast hours.

Please note that current Freddie Mac employees should apply through the internal career site. We consider all applicants for all positions without regard to gender, race, color, religion, national origin, age, marital status.