Senior Red Team Operator
U.S. Bank · Chicago, IL · 1 wk ago
Manufacturing$133k–$157k/yrFull-time
Key Responsibilities
- Lead and execute advanced threat emulation, Red Team, and adversarial simulation exercises that replicate sophisticated threat actors.
- Conduct offensive security assessments against enterprise networks, applications, cloud platforms, infrastructure, and physical security controls.
- Develop custom tools, payloads, exploits, and automation capabilities to support complex Red Team operations.
- Research emerging threats, attacker methodologies, and offensive security techniques to continuously enhance team capabilities.
- Design and execute multi-stage attack scenarios that assess the effectiveness of security controls, monitoring capabilities, and incident response processes.
- Produce executive and technical reporting that clearly documents attack chains, business impact, risk severity, and remediation recommendations.
- Serve as a trusted advisor and subject matter expert to security operations, detection engineering, threat hunting, and technology teams.
- Lead purple team engagements to validate detection coverage and improve defensive capabilities.
- Mentor and develop junior Red Team operators while contributing to operational standards, methodologies, and best practices.
- Drive continuous improvement initiatives through automation, process optimization, and capability development.
Basic Qualifications
- Bachelor's degree or equivalent experience
- 8+ years experience in information security
Preferred Qualifications
- Seven or more years of experience in information security, including significant experience in offensive security, penetration testing, or Red Team operations.
- Demonstrated experience leading Red Team engagements, threat emulation exercises, and adversarial simulations within complex enterprise environments.
- Advanced expertise in exploit development, custom payload creation, offensive tooling development, and attack automation.
- Extensive experience with industry-standard offensive security and command-and-control frameworks such as Cobalt Strike, Metasploit, Mythic, Sliver, and similar platforms.
- Proven ability to bypass, evaluate, and assess modern security technologies including EDR, XDR, endpoint protection, and network-based controls.
- Strong proficiency in multiple programming and scripting languages including Python, PowerShell, C/C++, C#, Go, and Shell scripting.
- Deep understanding of enterprise architecture, cloud technologies, application security, network security, identity systems, and emerging cyber threats.
- Experience performing purple team activities and partnering with defensive teams to improve detection and response capabilities.
- Experience leveraging Infrastructure as Code (IaC), automation frameworks, and cloud-native technologies.
- Proven ability to identify complex vulnerabilities, develop innovative attack paths, and create proof-of-concept exploits that demonstrate business risk.
- Excellent communication and presentation skills with the ability to translate highly technical concepts into actionable recommendations for senior leadership and executive stakeholders.
- Demonstrated ability to lead complex offensive security initiatives, influence strategic security decisions, and drive measurable improvements to the organization's security posture.