Senior Red Team Operator

About The Position

Requirements

• 5-7 years’ experience in operational Cyber Security roles
• University degree in computer science, computer engineering or computer security.
• A strong understanding of information security concepts and security trends and practices
• Problem solving with creative solutions.
• Maintain high technical knowledge of systems and solutions.
• Strong communication and presentation skills

Nice To Haves

• Industry certifications (SANS/CEH/CISSP) are a strong asset.
• Defense in depth security concepts including CISA, MITRE, NIST, TIBAS, CREST, I-CRT, TIBER-EU frameworks.
• Service Now
• Confluence

Responsibilities

• Own the end‑to‑end offensive security lifecycle, including planning, scoping, scheduling, execution oversight, reporting, remediation tracking, and closure
• Define and continuously improve offensive security processes, playbooks, standards, and engagement models
• Ensure offensive security activities align with enterprise risk priorities, threat intelligence, and regulatory expectations
• Lead annual and quarterly offensive security planning, ensuring coverage across critical assets, applications, and business services
• Coordinate schedules for Red Team exercises, adversary emulation, purple team activities, and third‑party engagements
• Act as the single point of orchestration between Red Team operators, detection/defensive teams, engineering partners, and external vendors
• Provide delivery oversight for Red Team assessments, adversary emulation exercises, and detection validation activities
• Ensure engagements are executed in accordance with approved rules of engagement, legal, operational, and risk constraints
• Support Purple Team exercises by ensuring findings are actionable and mapped to detection and response improvements (e.g., MITRE ATT&CK)
• Own the lifecycle tracking of offensive security findings from identification through remediation and validation
• Partner with technology and engineering teams to ensure clear ownership, prioritization, and timelines for remediation
• Track exceptions, compensating controls, and deferred risks in line with enterprise risk processes
• Validate closure of issues through retesting or evidence‑based assurance
• Act as the primary point of contact for audit, regulatory, and assurance activities related to offensive security
• Prepare evidence, artifacts, walkthroughs, and responses for internal audit, external audit, and regulatory reviews
• Ensure offensive security activities are defensible, repeatable, and well‑documented
• Provide advisory support to application, infrastructure, and platform teams on secure design and threat exposure
• Influence upstream risk reduction by advising on patterns observed through offensive testing
• Build strong working relationships across security, engineering, IT operations, and risk teams
• Identify opportunities to improve efficiency, coverage, and impact of offensive security activities
• Incorporate lessons learned, emerging threats, and control gaps into future plans
• Support capability uplift across offensive security, detection engineering, and vulnerability management

Benefits

• Supportive, flexible, and inclusive work environment
• Opportunities to learn, grow, and succeed
• Global company with a passion for people
• Purpose to help Clients achieve lifetime financial security and live healthier lives
• Opportunities to drive transformation, sustainability and innovation