Offensive Security Engineer (Red Team)

About The Position

Requirements

• Bachelor’s degree or equivalent work experience.
• 5+ years of experience in Red Team or Penetration Testing roles.
• Proficiency with Red Team tools and Command & Control (C2) frameworks.
• Strong scripting and programming skills in PowerShell, Python, JavaScript, Bash, Golang or similar languages.
• Deep understanding of Windows, Linux, Kali Linux, and macOS operating systems.
• Hands-on experience with one or more of the following: Google Cloud, Microsoft Azure, and AWS platforms.
• Advanced networking knowledge and experience with attack simulation.
• Familiarity with the MITRE ATT&CK framework and adversary TTPs.
• Deep understanding of one or more Penetration Testing Methodologies such as PTES, ISECOM, ISSAF, and OSSTMM
• Strong research and reporting skills.
• Willingness to travel for on-site assessments.

Nice To Haves

• Offensive Security Certified Professional (OSCP)
• Offensive Security Certified Expert (OSCE)
• Offensive Security Experienced Penetration Tester (OSEP)
• Certified Red Team Professional (CRTP)
• GIAC Penetration Tester (GPEN)
• GIAC Web Application Penetration Tester (GWAPT)
• CREST Registered Penetration Tester / CBEST

Responsibilities

• Execute adversary emulation engagements using intelligence-driven threat scenarios aligned with frameworks such as MITRE ATT&CK.
• Conduct red team operations, including initial access, lateral movement, privilege escalation, and data exfiltration simulation.
• Conduct physical, external/internal, and wireless network assessments, as well as web and mobile application testing.
• Perform security assessments across cloud platforms (Google Cloud, Microsoft Azure, AWS) and embedded systems.
• Test threat actor emulation tools, tactics, and procedures for the Red Team to employ on-demand in assessments of application, system, and network security controls.
• Employ these tools and techniques in the KeyBank environment with minimal supervision.
• Partner with the Cyber Threat Intelligence team to ensure Red Team capabilities and tactics accurately reflect the current threat landscape.
• Consult with cross-functional teams during project testing phases and architectural design reviews to ensure appropriate security controls are in place to mitigate threats.
• Coordinate and monitor third-party penetration testing engagements, ensuring alignment with requirements, effective communication, and timely, accurate reporting.
• Generate and publish Red Team metrics and reporting to track program effectiveness and stakeholder visibility.
• Track remediation of findings to completion through coordination with application and technology system owners.
• Expand the team’s capabilities through: - Creation of custom tools and automation frameworks. - Research and development of novel offensive techniques and tradecraft. - Incorporation of threat actor intelligence into emulation scenarios. - Delivery of internal presentations and knowledge-sharing sessions.
• Collaborate with the Cyber Threat Intelligence team to translate real-world TTPs into emulation plans.
• Evaluate the effectiveness of detection and response capabilities across SOC, EDR, SIEM, and other security layers.
• Provide detailed post-mortem reports and executive briefings with prioritized recommendations.
• Partner with blue teams to conduct purple team exercises and improve detection engineering.
• Contribute to the continuous improvement of adversarial emulation methodologies, tooling, and documentation.

Benefits

• This position is eligible to earn a base salary in the range of $94,000.00 - $175,000.00 annually.
• Placement within the pay range may differ based upon various factors, including but not limited to skills, experience and geographic location.
• Compensation for this role also includes eligibility for incentive compensation which may include production, commission, and/or discretionary incentives.
• Please click here for a list of benefits for which this position is eligible.
• Key has implemented an approach to employee workspaces which prioritizes in-office presence, while providing flexible options in circumstances where roles can be performed effectively in a mobile environment.