Principal Red Team Operator
Verizon · Cary, NC · 6 days ago
Management$121k–$231k/yrFull-time
Responsibilities
- Leading and executing end-to-end Red Team assessments, including adversary/threat simulation and emulation, social-engineering testing, and cybersecurity control bypass techniques.
- Developing adversary emulation plans that align with MITRE ATT&CK by incorporating cyber threat intelligence.
- Configuring and safely utilizing attacker tools, tactics, and procedures for Verizon environments.
- Developing presentations and reports that effectively communicate to both technical and executive audiences.
- Assisting offensive security assessment operations in support of Red, Blue, and Purple Teams.
- Planning and executing comprehensive penetration testing exercises, including vulnerability scanning, network reconnaissance, and exploitation of identified weaknesses.
- Continuously enhancing the organization's security posture by sharing knowledge and expertise with other security team members.
- Effectively communicating findings and strategies to client stakeholders, including technical staff, executive leadership, and legal counsel.
- Providing risk-appropriate and pragmatic recommendations to correct found vulnerabilities.
- Developing scripts, tools, or methodologies to enhance Verizon’s red teaming and penetration testing processes and tradecraft.
- Providing leadership and guidance to advance the offensive capabilities of the team and its subsequent ability to defend the Verizon Enterprise.
Requirements
- Bachelor's degree or four or more years of experience.
- Six or more years of relevant, direct offensive security experience, specifically leading engagements in Adversary Emulation, Adversary Simulation, Threat Emulation or Threat Simulation.
- Proven ability to modify TTPs to evade modern EDR/NDR/XDR solutions and bypass security controls like AMSI and ETW.
- Thorough understanding of network protocols, with the ability to design covert command-and-control channels that blend with legitimate traffic.
- Implementation-level familiarity with modern exploitation, including buffer overflows, heap spraying, ROP chains, and logic flaws.
- Advanced proficiency in reading and modifying code in languages such as C#, C/C++, Go, or Java for the purpose of exploit development and custom tooling.
- Advanced industry certifications such as OSEP, OSED, GXPN, CRTO, or OSCP/OSWE.
- Fluency in Blue Team processes and technologies (SIEM logic, threat hunting, SOC triage) to better simulate realistic threats and provide actionable feedback.
- Demonstrated proficiency in scripting and automation (Python, Bash, PowerShell) to develop custom offensive security tooling and bypass security controls.
Qualifications
- Even better if you have one or more of the following:
- Deep knowledge of Operating System internals (Windows, Linux, macOS) including memory management, process injection, API hooking, and kernel-level structures.
- Expertise in Active Directory and Azure AD attacks, including advanced techniques like Kerberoasting, DCSync, Golden Ticket, and identity federation exploits.
- Advanced proficiency in reading and modifying code in languages such as C#, C/C++, Go, or Java for the purpose of exploit development and custom tooling.
- Advanced industry certifications such as OSEP, OSED, GXPN, CRTO, or OSCP/OSWE.
- Track record of continuous evolution, demonstrated by participation in CTFs, contributions to open-source security tools, or speaking at industry conferences.
- Advanced proficiency in scripting and automation (Python, Bash, PowerShell) to develop custom offensive security tooling and bypass security controls.
Benefits and Compensation
- Health and wellness benefits including medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance.
- Award-winning total rewards package including a matched 401(k) savings plan, up to 8 company paid holidays per year and up to 6 personal days per year, paid parental leave, adoption assistance and tuition assistance.
- Premium pay opportunities such as overtime, shift differential, holiday pay, allowances, etc.
- Up to 15 days of vacation per year, which grows with additional service.
- Annual salary range for the location(s) listed on this job requisition based on a full-time schedule is: $120,500.00 - $231,000.00.