Red Team Operator III

About The Position

Requirements

• Bachelor’s Degree and eight (8+) years of experience in offensive cybersecurity (red teaming, penetration testing, or threat emulation).
• In lieu of a degree: four (4) years of experience in a related technology field and relevant industry certifications (OSCP, OSWE, GPEN, GXPN, CRTO, etc.).
• Adversary Emulation Tools: Hands-on experience with frameworks such as Cobalt Strike, Mythic, CALDERA, or equivalent.
• Operating Systems & Identity: Strong understanding of attack surfaces across Windows, Linux, macOS, Active Directory, and Azure AD.
• Cloud Environments: Experience performing offensive testing in AWS, Azure, or GCP environments.
• Scripting & Automation: Ability to script in Python, PowerShell, or Bash for automation and tradecraft development.
• Networking & Security Fundamentals: Solid knowledge of TCP/IP, network protocols, and common security concepts.
• Reporting: Ability to produce clear technical documentation and executive summaries.
• Citizenship: Must be a U.S. citizen.

Nice To Haves

• Certifications: OSWE, OSCP, CISSP, GPEN, GXPN; plus GRTP, OSEP, OSCE, CRTO, CRTE or equivalent experience.
• Familiarity with C2 infrastructure design and operational security practices.
• Understanding of secure coding principles and modern infrastructure design.
• Knowledge of incident response processes and defensive detection engineering principles.
• Experience executing attack paths in AWS, Azure, GCP and hybrid environments; understanding cloud security controls and misconfigurations.
• Strong written and verbal communication skills.

Responsibilities

• Live the NuHarbor Ways: Help Clients Win, Always Improve, Protect the House.
• Execute Offensive Engagements: Plan and perform complex red team and adversary emulation exercises aligned to real-world threat actor TTPs (e.g., MITRE ATT&CK), including initial access, privilege escalation, lateral movement, persistence, and data exfiltration.
• Develop Threat-Informed Attack Paths: Use threat intelligence to design realistic attack scenarios across enterprise, cloud, and hybrid environments.
• Apply Offensive Techniques: Utilize industry-standard tools and frameworks (e.g., Cobalt Strike, Mythic, CALDERA) to conduct engagements with strict adherence to OPSEC and Rules of Engagement.
• Document and Communicate Findings: Produce clear, comprehensive technical reports and executive summaries that outline vulnerabilities, business impact, and remediation guidance.
• Collaborate with Defensive Teams: Work with blue teams to validate detection coverage and provide feedback on improving detection and response capabilities.
• Continuous Learning: Stay current with emerging attack vectors, vulnerabilities, and red team methodologies to evolve tradecraft and engagement quality.

Benefits

• The engagement and support of company leadership who recognize the challenge of marketing a complex cybersecurity service in a chaotic market.
• An organization that recognizes and rewards employee commitment and contribution to our customers’ satisfaction and success
• Growth in your career and capabilities as you help to chart a path to improving customer interactivity and service adoption.
• A collaborative and driven working environment in a rapidly growing company and market
• A fun and social working environment where you are encouraged to be your true self.
• competitive salary and benefits, including paid time to give back in your community and generous PTO.