Hybrid opportunity in Scottsdale, AZ with a major U.S. financial technology company that powers and protects critical payments infrastructure used by hundreds of millions of consumers and small businesses. Tech stack includes Python, PowerShell, Go, AWS/Azure cloud environments, the MITRE ATT&CK framework, and modern adversary emulation toolsets (Cobalt Strike, CALDERA, Atomic Red Team, and similar). This is a full-time, direct-hire Senior Red Team Engineer role on the Offensive Security team.
This is not a checkbox pen testing role. You'll be doing real adversary emulation against one of the highest-value target environments in the country - payments infrastructure relied on by millions every day. Financially-motivated APTs aren't a hypothetical here; they're the actual threat model. You'll run red team campaigns, partner with the blue team on purple team exercises, build your own tooling, and prove real-world blast radius on findings that matter. They're looking for an operator who thinks like a threat actor, can pivot from a single vulnerability to org-wide impact, and wants to grow technically without being pushed into management. You'll report directly to the Director of Offensive Security, work alongside a sharp and well-resourced team, and have real influence over how the organization defends itself. Strong work-life balance with flexible PTO, 12 weeks of paid parental leave, and a 100% safe harbor 401(k) match on the first 6% - plus a culture that genuinely supports learning, conference attendance, and certification growth.
Required Skills & Experience
- 6+ years of information security experience, with at least 2 years in offensive security roles
- Hands-on experience running red team campaigns and adversary emulation exercises
- Strong working knowledge of tools and techniques for network, cloud, and web-based campaigns, plus the ability to develop and execute new exploits at scale
- Solid grasp of threat modeling, cloud security, cryptography, authentication & authorization, and defensive detection techniques (including offensive evasion)
- Proficiency writing and maintaining scripts in PowerShell, Python, and Go
- Strong written and verbal communication; able to brief both technical and non-technical audiences
- Bachelor's degree in a relevant field or equivalent practical experience
Desired Skills & Experience
- Hands-on experience with adversary emulation frameworks and C2 platforms (Cobalt Strike, Mythic, Sliver, CALDERA, Atomic Red Team, etc.)
- Deep understanding of MITRE ATT&CK, MITRE CAPEC, and the Cyber Kill Chain
- Mobile application testing and vulnerability research experience
- Practical offensive security certifications: OSCP, OSEP, ePTX, GPEN, HTB CPTS, or equivalent
- Cloud certifications: AWS SAA/SAP, AWS Security Specialty, or equivalent
- Experience moving from a single vulnerability to identifying organization-wide impact
What You Will Be Doing
Tech Breakdown
- 40% Cloud (AWS / Azure) offensive security
- 30% Network & internal infrastructure red teaming
- 20% Web and application-layer exploitation
- 10% Mobile application testing
Daily Responsibilities
- 70% Hands-on (campaigns, exercises, tooling development, exploit research)
- 20% Team collaboration (purple team work, scoping with internal security partners, IR/CTI support)
- 10% Reporting and stakeholder communication
The Offer
- Base salary: $132,000 - $165,000
- Discretionary incentive / bonus eligible
You will receive the following benefits:
- Medical, Dental, and Vision Insurance (PPO/HDHP options with HSA company contributions)
- Flexible PTO for exempt employees, plus 11 paid company holidays and a paid volunteer day
- 401(k) with 100% safe harbor match on first 6% (immediate eligibility)
- 12 weeks paid parental leave
- Family planning benefits including fertility, adoption, and surrogacy support
- Commuter and dependent care FSA options
Never miss an opportunity! Create an alert based on the job you applied for.
