
Principal Red Team Operator

GSK
Full-time
Remote friendly (Philadelphia, PA)
United States
$127,500 - $212,500 USD yearly
IT

Role Summary

Principal Red Team Operator. This role involves advanced red team operations, exploit development, and stealthy offensive security activities within a diverse network environment. It is based remotely (Home Worker - USA) and focuses on simulating real-world adversarial activities to improve the organization’s security posture.

Responsibilities

  • Leverage real attacker emulation to simulate security incidents, observe response across monitoring and incidents, and identify enhancement opportunities
  • Develop after action reports to justify security investments and to hone the organization's security posture
  • Execute Red Team engagements across networks using real-world Tactics, Techniques, and Procedures (TTPs) from conception to report delivery
  • Conduct open-source intelligence gathering, network vulnerability scanning, exploitation of vulnerable services, and lateral movement; install persistence; and manage C2 infrastructure
  • Develop payloads, scripts and tools that weaponize new proof-of-concepts for exploitation, evasion, and lateral movement
  • Document identified vulnerabilities and recommend remediation actions to mitigate risk
  • Maintain knowledge of applicable Red Team policies, regulations, and compliance documents
  • Communicate effectively with team members and during engagements
  • Stay current with TTPs and offensive security techniques

Qualifications

  • Required:
    • 3+ years of experience as a red team operator
    • Experience with offensive tools and platforms such as Kali Linux, Cobalt Strike, Metasploit, Covenant, Sliver, Bloodhound, Ghostpack, Nmap, Nessus, Zmap, Masscan, EyeWitness, Burp Suite
    • Experience writing high-quality assessment reports and communicating results to clients, teammates, and senior leadership
    • Knowledge of network defense technologies (firewalls, IDS/IPS, antivirus, web content filtering)
    • Experience building red team infrastructure and testing diverse environments
    • Ability to operate and lead organized security testing engagements without assistance
  • Preferred:
    • 4+ years of Red Team operations
    • Certifications such as CREST/OSCP/OSCE/OSWP
    • Programming languages: Python, Ruby, Rails; web programming experience (Java, ASP, ASP.NET, HTML, JavaScript)
    • Experience with cloud environments (GCP, Azure, AWS) and AI systems – building, utilization, threat modeling, and testing
    • Rapid tool development and automation experience
    • Regular Expressions (RegEx)
    • Knowledge of SQL Server, SQL Client Tools, and T-SQL Stored Procedures
    • Understanding of Web Application Firewalls
    • Reverse engineering

Skills

  • Offensive security tooling and techniques
  • Threat modeling and risk assessment
  • Technical report writing and communication to technical and non-technical audiences
  • Security testing in diverse environments
  • Team collaboration and leadership in engagements