About the Role:
We're hiring a Senior Red Team Engineer to join a trusted payments technology company that powers and protects major financial products used by millions of consumers. This is a hybrid role based in Scottsdale, focused on offensive security, adversary emulation, purple team testing, cloud/web/network campaigns, and real-world attack simulation.
Why This Role Rocks:
This is a high-impact offensive security role where you'll be identifying emerging threats, building proof-of-concept attacks, testing enterprise defenses, and helping security teams understand real-world blast radius. You'll work across red team campaigns, purple team exercises, exploit development, cloud security, detection evasion, and threat replication in a highly regulated financial technology environment.
Required Skills & Experience:
- 6+ years of information security experience
- 2+ years of hands-on offensive security experience
- Red team campaign and adversary emulation experience
- Experience with network, cloud, and web application security testing
- Ability to develop exploits and execute attacks at scale
- Strong scripting experience with Python, PowerShell, and/or Go
- Knowledge of threat modeling, cloud security, cryptography, authentication, authorization, and defensive detection techniques
- Experience writing reports and presenting findings to technical and non-technical stakeholders
- Strong understanding of vulnerability impact, blast radius, and real-world exploitability
- Bachelor's degree in a relevant field or equivalent professional experience
Desired Skills & Experience:
- Experience with adversary emulation toolsets
- Ability to take a single vulnerability and assess organization-wide impact
- MITRE ATT&CK, MITRE CAPEC, and Cyber Kill Chain experience
- Mobile application security testing experience
- Offensive security certifications such as OSCP, ePTX, GPEN, HTB CPTS, or similar
- Cloud security certifications such as AWS SAA, AWS SAP, AWS Security Specialty, or equivalent
What You Will Be Doing:
Tech Breakdown:
- 30% Red team campaigns and adversary emulation
- 20% Purple team exercises and control efficacy testing
- 15% Cloud, web, and network security testing
- 15% Exploit development, scripting, and automation
- 10% Vulnerability impact and blast-radius analysis
- 10% Reporting, remediation guidance, and security team collaboration
Daily Responsibilities:
- 50% Hands-on offensive security testing, attack simulation, and vulnerability validation
- 25% Building scripts, tools, proof-of-concepts, and automation to support engagements
- 15% Partnering with internal security, incident response, and threat intelligence teams
- 10% Reporting findings, documenting risk, and presenting remediation recommendations
Never miss an opportunity! Create an alert based on the job you applied for.
