Red Team Operator I

About The Position

Requirements

• Experience performing OSINT/reconnaissance, enumeration, web application testing, social engineering, payload development, initial access, system enumeration, lateral movement, privilege escalation, data exfiltration.
• Participates in report writing process and can professionally convey findings and impact to customers, both written and verbally
• Practical offensive certification: CRTO, OSCP, CPTS, or similar
• At least 2 years of independently executing complete red team engagements, from planning through post-exploitation.
• At least 2 years modifying/red-teaming tools (e.g., Cobalt Strike, Kali) and 2+ years developing payloads to bypass A/V and EDR defenses.
• Experience performing engagements on cloud, hybrid, multi- and/or single-tenant active directory environments such as AWS, GCP, Entra
• In-depth knowledge and experience with Windows and NIX-based operating systems, networking concepts, and Active Directory

Nice To Haves

• Proximity to Maryland or Virginia is a plus, but not required
• Public Trust clearance preferred

Responsibilities

• Simulate real-world cyberattacks to assess and challenge the effectiveness of security controls and incident response capabilities.
• Conduct reconnaissance, exploitation, and post-exploitation activities using adversary tactics, techniques, and procedures (TTPs).
• Develop and use custom tools and methods to evade detection and maintain stealth during engagements.
• Document findings and deliver clear, actionable reports to technical and executive stakeholders.

Benefits

• Employer-paid health insurance premiums (medical, dental, vision) for you and your family
• Employer-paid short/long term disability insurance and basic life/AD&D insurance
• 401K with a 4% employer contribution
• Professional development reimbursement options available (training, certification, education, etc)
• Flexible and remote work policies for most positions
• Flexible PTO and holiday schedule