Lead Red Team Offensive Security Engineer

Hybrid in Coppell, TX, US • Posted 60+ days ago • Updated 2 days ago
Full Time
Remote
Depends on Experience
Fitment

Dice Job Match Score™

👾 Reticulating splines...

Job Details

Skills

  • Red Team Test Engineer
  • Red Team Security Test Engineer
  • Lead Red Team Offensive Security Engineer

Summary

***We are unable to sponsor for this permanent full-time role**

***Position is Bonus eligible****

Prestigious Financial Institution is currently seeking a Lead Red Team Offensive Security Engineer. Candidate will provide professional input to complex Red Team assignments and projects, strengthening the security posture by independently conducting covert black-box and occasional white-box assessments across network, web application, cloud, mobile, physical, and social engineering domains, while coordinating with Security and IT teams to address and retest remediated findings. This individual works independently and reviews or guides the work of more junior Red Team professionals, enhancing the knowledge and skill base of the organization. Candidate will bring strong expertise in areas such as OSINT, penetration testing, C2 infrastructure development, evasion techniques, and custom scripting, along with strong communication skills and a commitment to staying ahead of emerging threats.

Responsibilities:

    • Execute comprehensive Red Team simulations including network/application penetration testing, cloud security, social engineering, physical security, mobile testing, and OSINT within defined rules of engagement.
    • Develop and deploy Command and Control (C2) infrastructure using evasion and obfuscation techniques to test and enhance Cyber Defense detection capabilities.
    • Leverage AI/LLM tooling to accelerate offensive research, exploit development, and overall Red Team effectiveness.
    • Conduct ad-hoc white-box testing on pre-production and in-development infrastructure, and validate remediated findings with IT owners.
    • Perform threat modeling, security risk assessments, and independent reviews of security, network, and applications.
    • Develop clear, evidence-based reports with actionable remediation recommendations and debrief stakeholders on findings.
    • Ensure security controls and testing activities align with applicable regulations, industry best practices, and policies and procedures.
    • Cross-train Red Team members and other Security/IT teams on adversarial threats, attack vectors, and remediation strategies, enhancing the knowledge and skill base of the organization.
    • Stay current on emerging threats, threat intelligence, and attack techniques, advising IT leadership on mitigation approaches.
    • Support audits, contribute to security roadmap development, and review or guide the work of more junior Red Team professionals while fostering a collaborative team environment. 

Qualifications:

    • High energy, results-driven, with strong analytical, problem-solving, and tactical planning skills, and the ability to exercise good judgment while developing creative solutions to long-term strategic goals.
    • Exceptional verbal/written communication and listening skills, with strong enthusiasm for staying current on threat intelligence and emerging adversarial TTPs.
    • Broad expertise across Network/Application, Web Application, and Mobile Application Penetration Testing, Command and Control (C2) Infrastructure Development, Cyber Defense Evasion techniques, Social Engineering, OSINT, Basic Emissions Testing, and Physical Security Testing.
    • Strong working knowledge of AI/LLMs and agentic systems (autonomous agents, orchestration frameworks, MCP) and how they can accelerate offensive security tradecraft across reconnaissance, exploit/payload development, tooling, and findings triage.
    • Proven due diligence and research ability via open-source avenues and technology.
    • Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS).
    • Good applicable knowledge of policy and procedure development, systems analysis, IA policy, vulnerability and risk management, and regulatory standards (e.g., CSF, NIST, PCI, FIPS 199, COBIT 5).
    • Strong knowledge of cryptography (symmetric, asymmetric, hashing), common enterprise infrastructure technology stacks, and network configurations.
    • Ability to understand and probe/exploit a diverse range of Network and Internet Protocols, and to understand and modify code across multiple programming languages and frameworks, with direct practical experience in at least one high-level language.
    • Ability to facilitate meetings and conversations, and to work with business users to translate their needs into final project deliverables.
    • Nice to have experience working on critical infrastructure in a regulated environment.

Technical Skills:

    • Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing
    • Demonstrated exploit, payload, and attack framework development experience
    • Strong knowledge of EDR detection capabilities such as Crowdstrike/Carbon Black, etc. and associated defense evasion techniques for behavioral based alerting
    • Strong working knowledge of Artificial Intelligence (AI) large language models (LLMs) and agentic AI systems – including how autonomous and tool-usig agents, orchestration frameworks, and protocols like Model Context Protocol (MCP) operate – and the ability to evaluate how these technologies can accelerate offensive security tradecraft across reconnaissance, exploit and payload development, adversarial tooling development, and enhance triaging for security findings.
    • Strong proficiency in social engineering and intelligence gathering.
    • Strong experience with custom scripting (Python, Powershell, Bash, etc.)  and process automation.
    • Strong experience with database security testing (MSSQL, DB2, MySQL, etc.).
    • Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nighthawk, Nmap, Qualys, Nessus, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Ida Pro, Ghidra, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Yersinia, Impacket, etc.).
    • Track record of vulnerability research and CVE assignments
    • Knowledge of Windows APIs and Living off the Land (LOL) Binaries
    • Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls.
    • Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio).
    • Proficient in basic document management in a Microsoft SharePoint environment.
    • Experience with dedicated document management tools (e.g., DMS, PolicyTech) is a plus.
    • Experience with using ServiceNow is a plus.

Education and/or Experience:

    • BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required
    • 7+ Years’ experience of Penetration testing
    • 7+ Years’ experience in Information Assurance or Cybersecurity work environments

Certificates or Licenses:

    • Security-related certifications (OSCP, OSWE, OSCE, GPEN, GXPN, GWAPT, ARTE, etc.) highly desired.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: napil006
  • Position Id: CJ-RedCont
  • Posted 30+ days ago
Contact the job poster
CJ

Craig Johnson

Recruiter @ Request Technology, LLC
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Irving, Texas

Today

Full-time

USD 125,760.00 - 188,640.00 per year

Richardson, Texas

Today

Full-time

Plano, Texas

Today

Full-time

Dallas, Texas

Yesterday

Easy Apply

Full-time

Depends on Experience

Search all similar jobs