Penetration Tester - Red Team Operator

September 14

Apply Now

Receive Emails with Similar Jobs

phia, LLC

WebsiteLinkedInAll Job Openings

Cybersecurity • Cyber Operations • Cyber Analysis • Intrusion Detection/Prevention • Incident Response

11 - 50

Description

• Perform independent vulnerability and penetration testing assessments, following established methodologies and rules of engagement. • Identify and analyze critical security vulnerabilities that could be exploited to compromise client systems and information. • Assess system and network configurations to detect deviations from accepted security standards and policies. • Execute red team operations simulating real-world adversary tactics, techniques, and procedures (TTPs), focusing on advanced threats. • Collaborate with senior leadership to align red team engagements with broader security strategies. • Integrate threat intelligence into red team activities to ensure engagements reflect realistic, current attack patterns. • Work closely with blue teams and incident response teams to improve organizational defenses based on red team findings. • Prepare detailed reports outlining vulnerabilities and providing actionable, risk-based recommendations for remediation. • Develop, customize, and maintain tools to enhance red team capabilities. • Stay updated on emerging attack vectors, vulnerabilities, and security technologies to inform assessments.

Requirements

• A minimum of 3 years of experience in offensive security or red teaming, with proven ability to work independently. • Bachelor’s degree in Cybersecurity, Computer Science, or a related field. • Strong experience conducting red team operations and adversary emulation independently. • Expertise in vulnerability assessments, focusing on advanced application security and cloud environments. • Proficient in ethical hacking techniques, code reviews, and security auditing. • Expert-level knowledge of key security tools and scripting languages (e.g., Kali Linux, Metasploit, Cobalt Strike, PowerShell, Python). • Experience working with cloud platforms (AWS, Azure, GCP) and containerization technologies. • Familiarity with the MITRE ATT&CK framework for structuring red team engagements. • Strong understanding of government and industry compliance frameworks (e.g., NIST, FISMA, HIPAA). • Proven ability to manage red team engagements and ensure projects are completed on time with minimal oversight. • Strong communication skills to present technical findings to both technical and non-technical audiences. • Experience in military, Intelligence Community, or Law Enforcement is highly valued. • Must be able to obtain and maintain necessary security clearances.