Red Team Operator

About The Position

Requirements

• Bachelor's degree in computer science or related field
• 5+ years of relevant experience
• Offensive Security Certified Professional (OSCP) or similar certifications
• Strong desire to learn and continually evolve both self and team
• Proven experience executing Red Team operations and adversary simulations
• Advanced skills across network, application, cloud, wireless, and hybrid penetration testing
• Strong understanding of the exploitation lifecycle (reconnaissance, initial access, persistence, privilege escalation, lateral movement, data exfiltration)
• Experience with Active Directory exploitation, Linux privilege escalation, kernel-level techniques, and cloud identity systems
• Ability to chain vulnerabilities and bypass modern endpoint detection technologies
• Proficiency with common Red Team tooling, including C2 frameworks, scanners, phishing platforms, and OPSEC tooling
• Familiarity with the MITRE ATT&CK framework and adversary emulation methodologies
• Strong technical writing and reporting capabilities

Nice To Haves

• Experience developing custom exploits, scripts, and automation
• Experience supporting Purple Team exercises and detection engineering

Responsibilities

• Be an active participant in end-to-end adversary simulations across enterprise, cloud, and hybrid infrastructures
• Provide input to planning complex Red Team engagements from reconnaissance and initial access through persistence, lateral movement, and data exfiltration
• Execute network, application, wireless, physical, and cloud penetration tests
• Build, operate, and maintain Red Team infrastructure, including command-and-control (C2) ecosystems, phishing platforms and operational security (OPSEC) tooling
• Develop and operationalize custom tooling, payloads, automation and exploitation chains
• Research and implement advanced evasion techniques against SIEM, EDR, and XDR platforms
• Ensure operational realism, safety, and compliance with internal policy, legal constraints, and regulatory requirements
• Align Red Team operations with the MITRE ATT&CK framework and threat-led testing standards (e.g., TIBER)
• Partner with SOC, Threat Intelligence, Risk Management, and Engineering teams to strengthen detection and response maturity
• Mentor and develop junior team members, sharing techniques, lessons learned, and tooling improvements
• Interpret technical exploitation in the context of business risk, control effectiveness, and defensive improvement
• Communicate technical risk clearly to security leadership and key stakeholders
• Produce high-quality After-Action Reports (AARs), executive summaries, and technical documentation

Benefits

• medical, dental, vision and life insurance with no premium costs for our employees and their families
• retirement plan plus matching 401k
• structured training
• certification sponsorship
• long-term career development opportunities
• flexible work from home (WFH) schedule