Red Team Operator - Hybrid

About The Position

Requirements

• Bachelors Degree in Computer Science or related field
• 8 + years of relevant experience
• Offensive Security Certified Professional (OSCP)
• Proven experience leading and executing Red Team operations and adversary simulations
• Advanced skills across network, application, cloud, wireless, and hybrid penetration testing
• Strong command of the exploitation lifecycle (reconnaissance, initial access, persistence, privilege escalation, lateral movement, data exfiltration)
• Experience with Active Directory exploitation, Linux privilege escalation, kernel-level techniques, and cloud identity systems
• Ability to chain vulnerabilities and bypass modern endpoint detection technologies
• Proficiency with Red Team tooling, including C2 frameworks, scanners, phishing platforms, and OPSEC tooling
• Deep understanding of persistence mechanisms, identity-based attacks, and stealth tradecraft
• Familiarity with the MITRE ATT&CK framework and adversary emulation methodologies
• Strong technical writing and reporting capabilities
• Demonstrated ability to mentor operators and lead technical teams

Nice To Haves

• Experience developing custom exploits, scripts, and automation
• Experience supporting Purple Team exercises and detection engineering
• Prior experience managing or coordinating multi-operator Red Team engagements
• Experience aligning operations with regulatory frameworks such as TIBER or similar threat-led testing standards
• Offensive Security Exploit Expert (OSEE)
• Certified Red Team Operator Level II (CRTO II) or equivalent advanced adversary simulation certifications
• GIAC Red Team Professional (GRTP), where available
• Offensive Security Experienced Penetration Tester (OSEP) and/or Offensive Security Web Expert (OSWE)
• Advanced SANS coursework (e.g., SEC760, SEC660)
• Cloud exploitation and identity attack specialization training

Responsibilities

• Red Team Operations & Campaign Leadership Architect and execute end-to-end adversary simulations across enterprise, cloud, and hybrid infrastructures
• Lead and coordinate multi-operator exploitation teams, managing simultaneous kill chains and campaign logistics
• Direct complex Red Team engagements from reconnaissance and initial access through persistence, lateral movement, and data exfiltration
• Design and execute network, application, wireless, physical, and cloud penetration tests
• Build, operate, and maintain Red Team infrastructure, including command-and-control (C2) ecosystems, phishing platforms and operational security (OPSEC) tooling
• Develop and operationalize custom tooling, payloads, automation and exploitation chains
• Research and implement advanced evasion techniques against SIEM, EDR, and XDR platforms
• Ensure operational realism, safety, and compliance with internal policy, legal constraints, and regulatory requirements
• Align Red Team operations with the MITRE ATT&CK framework and threat-led testing standards (e.g., TIBER)
• Lead Purple Team exercises and translate offensive findings into prioritized defensive improvements
• Partner with SOC, Blue Team, Threat Intelligence, Risk Management, and Engineering teams to strengthen detection and response maturity
• Mentor and develop junior and mid-level operators, sharing techniques, lessons learned, and tooling improvements
• Interpret technical exploitation in the context of business risk and control effectiveness
• Communicate technical risk clearly to security leadership and key stakeholders
• Produce high-quality After Action Reports (AARs), executive summaries, and technical documentation

Benefits

• medical, dental, vision and life insurance with no premium costs for our employees and their families, and retirement plan plus matching 401k
• A flexible work from home (WFH) schedule