Red Team Operator

Description

We are seeking a skilled and motivated  Red Team Engineer to join our offensive security team. The ideal candidate will drive the development of advanced red teaming tools and methodologies, conduct comprehensive assessments across on-premises and cloud environments, and simulate sophisticated threat scenarios to identify and mitigate security vulnerabilities. This role requires a deep understanding of offensive security tactics, attack frameworks, and the ability to communicate findings effectively to both technical and executive stakeholders.

Key Responsibilities:

• Developing and refining internal red team scripts, tools, and methodologies to enhance offensive security operations.
• Research, validate, and exploit known attacks, vulnerabilities, and security weaknesses using custom-built or existing tools.
• Conduct thorough Red Team assessments targeting on-premises infrastructure, cloud environments, and enterprise threat landscapes.
• Identify vulnerabilities across software, systems, networks, and business logic through simulated adversarial tactics.
• Design and execute complex threat emulation scenarios incorporating physical, social engineering, and digital attack vectors.
• Produce detailed, accurate, and actionable reports and presentations tailored for both technical teams and executive leadership.
• Collaborate closely with other security teams to support remediation efforts and improve overall security posture.
• Stay current with emerging threats, attack techniques, and security technologies to continuously evolve red team capabilities.
• Conduct Purple Team exercises in collaboration with partner security teams to identify and improve the organization's security posture.

Requirements

• Minimum 5 years of hands-on offensive security experience, preferably within Red Team or penetration testing roles.
• Strong familiarity with attack frameworks (e.g., MITRE ATT&CK) and corresponding mitigation strategies.
• Proficient with common Command and Control (C2) frameworks such as Sliver, Mythic, and Cobalt Strike.
• Relevant security certifications such as CRTO (Certified Red Team Operator), OSCP (Offensive Security Certified Professional), or equivalent.
• Demonstrated ability to develop custom offensive tools or scripts to support red team operations.
• Excellent communication skills with the ability to convey complex technical findings to diverse audiences.
• Experience with cloud security assessments (AWS, Azure, Google Cloud Platform) is a plus.
• Strong problem-solving skills and a proactive approach to security challenges.

Preferred Skills:

- Knowledge of physical security testing and social engineering tactics.

- Familiarity with scripting languages such as Python, PowerShell, or Bash.

- Experience working in agile or DevSecOps environments.