Jobs · Rhode Island

Principal Red Team Operator

Citizens · Johnston, RI · 3 days ago
$120k–$210k/yrFull-time

Description

Role Summary

The Operator, Red Team is a hands-on offensive security practitioner responsible for executing advanced adversary emulation and continuous red teaming operations across a modern, cloud and AI enabled enterprise.

This role plays a critical part in building and scaling the organization’s offensive security capability and ensuring the company stays ahead of emerging threats in an evolving risk landscape.

Operating within high impact engagements, this individual will simulate real-world attackers, identify and validate attack paths, and partner closely with defensive teams to ensure findings translate into measurable improvements in detection, response, and overall risk posture.

Success in this role requires deep technical tradecraft, strong operational discipline, and a mindset focused not just on breaking systems, but on strengthening them through full lifecycle accountability.

This role reports to the Red Team Manager and works closely with Blue Team, Detection Engineering, Threat Intelligence, and Incident Response through Purple Teaming to continuously improve defensive effectiveness.

Locations and Work Arrangement

Candidates must be willing to commute to one of the following hub locations with a hybrid schedule and flexibility across the listed hubs.

  • Johnston
  • RIBoston, MA
  • Iselin, NJ
  • Pittsburgh, PA
  • Plano or Irving, TX
  • Phoenix, AZ
  • Charlotte, NC
  • Manchester, NC
  • Cleveland, OH

Key Responsibilities

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence-driven attack paths.

Design and execute campaign-based attack operations that simulate real-world adversary behavior across enterprise environments.

Perform hands-on exploitation and abuse across on-prem, cloud, SaaS, and hybrid infrastructures.

Simulate advanced attacker tradecraft, including living off the land techniques, identity abuse, privilege escalation, lateral movement, persistence, command and control, and controlled data exfiltration.

Execute prompt manipulation, indirect prompt injection, and AI model misuse scenarios to evaluate emerging attack surfaces.

Collaborate closely with Detection Engineering and Blue Team during Purple Team engagements to validate detections, identify coverage gaps, and refine response effectiveness.

Translate offensive findings into actionable remediation insights and partner with stakeholders to ensure vulnerabilities are addressed and control effectiveness is improved.

Leverage and extend red team tooling and frameworks and develop targeted scripts or payloads to emulate specific adversary behaviors.

Document findings clearly, including attack paths, control weaknesses, and detection gaps, contributing to engagement reports and technical debriefs.

Operate within defined rules of engagement, safety protocols, and ethical guidelines to ensure realistic and controlled testing.

Stay current on evolving adversary tactics, offensive tooling, and AI security research, incorporating new techniques into ongoing testing efforts.

Experience and Skills

4 to 8 years of hands-on cybersecurity experience with a strong focus on Red Team operations, adversary emulation, or advanced offensive security.

Demonstrated experience executing Red Team or Purple Team engagements in assumed breach or adversary-based scenarios.

Proven ability to design and execute attack paths rather than relying solely on automated tools or point-in-time testing.

Strong technical capability across multiple attack surfaces, including identity and access attacks, endpoint and network exploitation, cloud and SaaS environments, and command and control frameworks.

Understanding of campaign-based red teaming and continuous testing approaches, including iterative and regression-style validation.

Working knowledge of AI security concepts, including how AI-enabled systems, inputs, and workflows can be manipulated or abused.

Ability to collaborate with Blue Team and Detection Engineering to translate offensive activity into improved detection and response capabilities.

Strong operational discipline, including clear documentation, safe execution, and adherence to engagement constraints.

Effective communication skills, with the ability to explain technical findings to security practitioners and cross-functional partners.

Demonstrated curiosity, adaptability, and ability to operate in rapidly evolving threat and technology environments.

Education and Certifications

Bachelor’s Degree in Security, Computer Science, Information Technology, or related field, or equivalent experience.

  • Relevant industry certifications such as OSCP, OSEP, CRTO, CRTP, or similar advanced offensive security credentials.
  • Exposure to AI security testing or AI red teaming through hands-on work, training, or research is preferred.

Similar jobs