Principal Red Team Operator
Verizon · Ashburn, VA · 6 days ago
Management$121k–$231k/yrFull-time
About the role
The Verizon Cyber Security (VCS) organization enables the business by protecting assets and information across Verizon networks, infrastructure and applications. VCS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.
Responsibilities
- Leading and executing end-to-end Red Team assessments, including adversary/threat simulation and emulation, social-engineering testing, and cybersecurity control bypass techniques.
- Developing adversary emulation plans that align with MITRE ATT&CK by incorporating cyber threat intelligence.
- Configuring and safely utilizing attacker tools, tactics, and procedures for Verizon environments.
- Developing presentations and reports that effectively communicate to both technical and executive audiences.
- Assisting offensive security assessment operations in support of Red, Blue, and Purple Teams.
- Planning and executing comprehensive penetration testing exercises, including vulnerability scanning, network reconnaissance, and exploitation of identified weaknesses.
- Continuously enhancing the organization's security posture by sharing knowledge and expertise with other security team members.
- Effectively communicating findings and strategies to client stakeholders, including technical staff, executive leadership, and legal counsel.
- Providing risk-appropriate and pragmatic recommendations to correct found vulnerabilities.
- Developing scripts, tools, or methodologies to enhance Verizon’s red teaming and penetration testing processes and tradecraft.
- Providing leadership and guidance to advance the offensive capabilities of the team and its subsequent ability to defend the Verizon Enterprise.
Requirements
- Bachelor's degree or four or more years of experience.
- Six or more years of relevant, demonstrated through one or a combination of job-related work experience, military experience, or specialized training or education (non-collegiate).
- Six or more years of direct offensive security experience, specifically leading engagements in Adversary Emulation, Adversary Simulation, Threat Emulation or Threat Simulation.
Qualifications
- Proven ability to modify TTPs to evade modern EDR/NDR/XDR solutions and bypass security controls like AMSI and ETW.
- Thorough understanding of network protocols, with the ability to design covert command-and-control channels that blend with legitimate traffic.
- Implementation-level familiarity with modern exploitation, including buffer overflows, heap spraying, ROP chains, and logic flaws.
- Advanced proficiency in reading and modifying code in languages such as C#, C/C++, Go, or Java for the purpose of exploit development and custom tooling.
- Advanced industry certifications such as OSEP, OSED, GXPN, CRTO, or OSCP/OSWE.
- Fluency in Blue Team processes and technologies (SIEM logic, threat hunting, SOC triage) to better simulate realistic threats and provide actionable feedback.
- Demonstrated proficiency in scripting and automation (Python, Bash, PowerShell) to develop custom offensive security tooling and bypass security controls.
Skills
- Emulation of adversarial thinking.
- Deep understanding of operating system security, networking protocols, firewalls, databases and middleware applications, forensics, scripting and programming, and phishing techniques.
Benefits
- Health and wellness benefits including medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance.
- Award-winning total rewards package including a matched 401(k) savings plan, up to 8 company paid holidays per year and up to 6 personal days per year, paid parental leave, adoption assistance and tuition assistance, plus other incentives.
- Premium pay such as overtime, shift differential, holiday pay, allowances, etc.
- Up to 15 days of vacation per year, which grows with additional service.
Pay
$120,500.00 - $231,000.00 annually based on a full-time schedule.
Schedule
This is a hybrid role with a defined work location that includes working from home and a minimum of three days per week in the office, which will be set by your manager.