Senior Red Team Specialist

We’re Hiring: Senior Red Team Specialist

Were looking for a Senior Red Team Cybersecurity Specialist to join our offensive security operations. In this high-impact role, youll proactively identify weaknesses before attackers do, simulating advanced persistent threats (APTs) to rigorously test our systems, people, and infrastructure.

This is a key position for a hands-on expert who thrives on ethical hacking and wants to build a best-in-class offensive security function.

What You’ll Do

• Execute Realistic Engagements: Design and lead red team engagements that simulate real-world threat actors.
• Conduct Full-Scope Testing: Perform comprehensive internal and external penetration tests across web, mobile, and network infrastructure.
• Exploit & Escalate: Identify vulnerabilities, develop custom exploits, and escalate privileges.
• Use Adversary Tools: Utilize C2 frameworks such as Cobalt Strike, Sliver, Mythic, or Empire.
• Perform Social Engineering: Conduct social engineering assessments, including phishing, vishing, and physical intrusion tests.
• Stay Ahead of Threats: Map attack surfaces using tools like BloodHound and SharpHound and stay current on adversary TTPs using MITRE ATT&CK.
• Develop Malware: Create custom malware, obfuscate payloads, and bypass EDR/XDR solutions.
• Report & Collaborate: Generate actionable reports for the blue team with clear risk analysis and work with them to enhance detection and response capabilities.
  
  

• Experience: 6+ years of total experience, with at least 4 years of dedicated hands-on offensive security and red teaming.
• Technical Skills: Strong command of tools like Metasploit, Cobalt Strike, Burp Suite, and Nmap.
• Scripting: Experience with custom script development in Python, Bash, or PowerShell.
• Core Knowledge: A deep understanding of Active Directory exploitation, lateral movement, and privilege escalation techniques.
• Frameworks: Familiarity with MITRE ATT&CK, NIST, and OWASP.
• Communication: The ability to write detailed reports and clearly communicate complex technical findings to non-technical stakeholders.
  
  

• Mandatory: OSCP, CRTP, OSCE
• Preferred: GRTP, OSEE
  
  

• Salary: Above industry average