Job Description:

Role Overview

The Security Operations team is hiring a Senior Red Team Specialist.  

The Senior Red Team Specialist is a highly skilled individual contributor within the Security Operations organization, responsible for planning and executing advanced offensive security operations that emulate real‑world adversaries and rigorously test enterprise security controls. This role is deeply technical and hands‑on, with active engagement across endpoint, identity, cloud, SaaS, network, and application environments.

This position partners closely with Detection Engineering, Threat Hunting, Incident Response, and Purple Team functions to ensure red team engagements drive measurable improvements in detection coverage, response effectiveness, and overall defensive posture. While the role does not own enterprise‑wide red team strategy, it plays a key role in shaping red team tactics, tooling, and execution standards, and in translating offensive findings into actionable defensive outcomes.

Your responsibilities will be:

• Executing adversary emulation and red team engagements aligned to real‑world threat actor techniques and objectives

• Performing hands‑on offensive operations, including initial access, persistence, privilege escalation, lateral movement, and command‑and‑control

• Developing, maintaining, and safely using custom red team tooling, scripts, and techniques

• Working closely with detection and threat hunting teams to validate detections and response effectiveness during red and purple team exercises

• Assisting in the design and execution of assumed breach scenarios and multi‑stage attack chains

• Identifying control gaps, detection blind spots, and architectural weaknesses across enterprise environments

• Supporting incident response teams during complex investigations by providing attacker tradecraft insight

• Producing clear, actionable reporting that translates technical findings into operationally relevant recommendations

• Contributing to the improvement of red team processes, safety controls, and engagement playbooks

• Mentoring junior analysts and contributing to skills development across the security operations team

The ideal candidate has

• 5+ years of experience in red teaming, penetration testing, or offensive security, with demonstrated hands‑on impact

• Bachelor’s degree or equivalent practical experience

• Strong knowledge of attacker tradecraft and TTPs across modern enterprise environments

• Hands‑on experience attacking and evading controls in endpoint, identity, cloud, and hybrid infrastructures

• Working understanding of defensive security technologies, such as EDR, SIEM, identity protection, and cloud security controls

• Experience collaborating in purple team exercises and adapting techniques based on detection feedback

• Ability to independently plan and execute offensive tasks within a defined engagement scope

• Strong written and verbal communication skills, including technical documentation and reporting

• High ethical standards and experience operating within defined rules of engagement 

You’ll really stand out with: 

• Experience executing threat‑intelligence‑informed adversary emulation, not just vulnerability‑driven testing

• A track record of helping convert red team findings into improved detections or response playbooks

• Strong scripting or automation skills (e.g., Python, PowerShell, Bash) to support tooling and operations

• Familiarity with MITRE ATT&CK for mapping activity and communicating impact

• Experience operating in regulated or large enterprise environments

• Demonstrated ability to mentor junior analysts or contribute to internal training materials

• Curiosity, adaptability, and a continuous improvement mindset