Senior Red Team Operator

Senior Red Team Engineer

Location:United States (Remote)

A global financial institution is hiring a Senior Red Team Engineer to join its internal offensive security team. This is a rare opportunity to work in a mature, highly capable global red team that focuses exclusively on real-world adversary simulation — not generic pen testing.

You’ll be responsible for leading and executing sophisticated red team operations across the bank’s global footprint. The team operates with full scope: endpoint, network, application, cloud, physical, and human-based vectors. You should bring a deep understanding of attacker tradecraft, be comfortable building your own tooling when needed, and have the mindset of someone who enjoys thinking like an adversary — not just scanning for vulnerabilities.

We’re looking for someone with real depth in at least one area of red teaming (e.g., evasive payload development, infrastructure, Windows internals, social engineering, etc.). This is a hands-on technical role, suited to someone who has already spent several years in dedicated offensive roles and wants to operate in a high-trust, high-impact environment.

What you’ll be doing:

• Designing and delivering full kill-chain red team operations targeting enterprise assets and staff
• Emulating real-world APT behavior, including custom tooling, C2 infrastructure, lateral movement, and exfiltration
• Working closely with detection and response teams to test visibility and improve resilience
• Leading campaign design, execution, and reporting, with a focus on realism and impact
• Creating or modifying tools, exploits, and payloads as needed — not relying solely on off-the-shelf frameworks
• Supporting threat-led testing programs and integrating threat intelligence into operations
• Maintaining strict operational security and professional discipline in all activities

What we’re looking for:

• 3–4+ years of true red teaming experience (not general pen testing)
• A deep skillset in one or more areas: evasions, custom malware, cloud red teaming, physical access, phishing infrastructure, or post-exploitation
• Strong scripting or development background (e.g., Python, Go, C#, or C)
• Experience with major red team frameworks (e.g., Sliver, Mythic, Cobalt Strike) and a willingness to go beyond them
• Familiarity with adversary emulation frameworks and MITRE ATT&CK
• Exposure to social engineering or physical red teaming is a strong bonus
• A calm, pragmatic communicator who can write clearly and explain technical risk to a non-technical audience
• High level of personal ownership, operational maturity, and discretion

This is an opportunity to work in one of the most well-resourced offensive security programs in financial services, with global scope, freedom to innovate, and a mission-critical mandate.