Adversarial Emulation Jobs (NOW HIRING)

Cyber Test Engineer, Mid

Rome, NY · On-site

$61.90K - $141K/yr

  • Experience with penetration testing or adversarial emulation
  • Experience with NIST 800-53 security controls
  • Knowledge of cyber threats and how to appropriately harden a system to prevent them

Cybersecurity Test Engineer

Rome, NY · On-site

$61.90K - $141K/yr

  • Experience with penetration testing or adversarial emulation
  • Experience with NIST 800-53 security controls
  • Knowledge of cyber threats and how to appropriately harden a system to prevent them


Adversarial Emulation information

How much do adversarial emulation jobs pay per hour?

As of Jun 3, 2026, the average hourly pay for adversarial emulation in the United States is $50.45, according to ZipRecruiter salary data. Most workers in this role earn between $39.66 and $61.30 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as an Adversarial Emulation Specialist, and why are they important?

To thrive as an Adversarial Emulation Specialist, you need deep knowledge of cybersecurity, penetration testing methodologies, and threat actor tactics, often supported by degrees in computer science or cybersecurity and certifications like OSCP or CISSP. Expertise with technical tools such as Cobalt Strike, Metasploit, and various red teaming frameworks is commonly required. Strong analytical thinking, problem-solving, and clear communication skills help you effectively simulate threats and report findings to stakeholders. These skills are crucial for accurately assessing organizational vulnerabilities and enhancing overall security posture.

What are some common challenges faced by professionals in Adversarial Emulation, and how can they be addressed?

Professionals in Adversarial Emulation often encounter challenges such as staying current with rapidly evolving threat landscapes, accurately simulating sophisticated attacker behaviors, and maintaining clear communication with both technical and non-technical stakeholders. Addressing these requires continuous learning through threat intelligence updates, leveraging automation tools for realistic attack simulations, and collaborating closely with blue teams to ensure findings are actionable. Building strong documentation and reporting skills also helps bridge gaps between different teams and ensures that emulation exercises lead to meaningful improvements in organizational security.

What is adversarial emulation?

Adversarial emulation is a cybersecurity practice in which security teams simulate real-world cyber attacks to test and improve an organization's defenses. By mimicking the tactics, techniques, and procedures (TTPs) of actual threat actors, these exercises help identify vulnerabilities and gaps in security controls. Adversarial emulation often involves using frameworks like MITRE ATT&CK to guide realistic scenarios, ensuring organizations are better prepared against genuine threats.

What is the difference between Adversarial Emulation and Penetration Tester?

| Aspect | Adversarial Emulation | Penetration Tester |
| --- | --- | --- |
| Credentials | Security certifications, such as CISSP, CEH | Security certifications, such as OSCP, CEH |
| Work Environment | Simulates real-world attack scenarios to test defenses | Conducts controlled security assessments to identify vulnerabilities |
| Industry Usage | Used in cybersecurity to evaluate security posture | Commonly hired for security testing and vulnerability assessments |

Adversarial Emulation and Penetration Testing both aim to identify security weaknesses. However, Adversarial Emulation focuses on mimicking sophisticated attacker behaviors to test defenses in a realistic manner, while Penetration Testing involves systematic vulnerability scans and exploits to find security flaws. Both roles require similar certifications and are integral to cybersecurity strategies, but their approaches and objectives differ slightly.

Principal Red Team Operator / Leader - Hybrid

SWIFT

Manassas, VA • On-site

Full-time

Medical, Dental, Vision, Life, Retirement

Posted 23 days ago


Job description

ABOUT US
We're the world's leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value - across borders, through cities and overseas. No other organisation can address the scale, precision, pace and trust that this demands, and we're proud to support the global economy.
We're unique too. We were established to find a better way for the global financial community to move value - a reliable, safe and secure approach that the community can trust, completely. We're always striving to be better and are constantly evolving in an ever-changing landscape, without undermining that trust. Five decades on, our vibrant community reflects the complexity and diversity of the financial ecosystem. We innovate diligently, test exhaustively, then implement fast. In a connected and exciting era, our mission has never been more relevant. Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions.
Swift is seeking an experienced Red Team leader to research, plan, and conduct advanced adversary emulation campaigns across our enterprise environments and conduct purple teaming activities to evolve the detection capabilities of our internal SOC. This role combines deep hands-on technical knowledge of Red Team operations, tooling, infrastructure, and operator development. You will design and direct large-scale adversary simulations, coordinate multi-operator campaigns, and ensure Red Team tradecraft remains ahead of evolving organizational defenses. You will be responsible not only for executing complex offensive operations, but also for shaping Red Team capability, mentoring operators, and translating offensive outcomes into measurable defensive improvement.
In addition to the responsibilities described above, this role includes direct people management responsibilities, including leading, coaching, and developing team members, conducting performance management evaluations, and supporting hiring and workforce planning efforts.
What to Expect:
In this role you will:
Red Team Operations & Campaign Leadership
  • Architect, monitor and execute end-to-end adversary simulations across enterprise, cloud and hybrid infrastructures
  • Lead and coordinate multi-operator exploitation teams, managing simultaneous kill chains and campaign logistics
  • Direct complex Red Team engagements from reconnaissance and initial access through persistence, lateral movement and data exfiltration
  • Design and execute network, application, wireless, physical and cloud penetration tests
  • Build, operate, and maintain Red Team infrastructure, including command-and-control (C2) ecosystems, phishing platforms and operational security (OPSEC) tooling
  • Develop and operationalize custom tooling, payloads, automation and exploitation chains
  • Research and implement advanced evasion techniques against SIEM, EDR, and XDR platforms
  • Ensure operational realism, safety, and compliance with internal policy, legal constraints, and regulatory requirements
  • Align Red Team operations with the MITRE ATT&CK framework and threat-led industry testing standards

Leadership, Collaboration & Strategic Enablement
  • Lead Purple Team exercises and translate offensive findings into prioritized defensive improvements
  • Partner with SOC, Threat Intelligence, Risk Management, and Engineering teams to strengthen detection and response maturity
  • Mentor and develop junior and mid-level operators, sharing techniques, lessons learned, and tooling improvements
  • Foster an environment of internal information sharing
  • Interpret technical exploitation in the context of business risk and control effectiveness
  • Communicate technical risk clearly to security leadership and key stakeholders
  • Produce high-quality After-Action Reports (AARs), executive summaries, and technical documentation
  • Ensure that all Red Team related processes adhere to governance and regulatory requirements

What Success Looks Like in This Role
  • Designs and leads complex Red Team engagements independently and as part of a broader campaign strategy
  • Delivers realistic adversary simulations that measurably improve detection and response maturity
  • Builds and maintains resilient, covert Red Team infrastructure and tooling ecosystems
  • Develops novel exploitation techniques that stress modern defensive controls
  • Produces clear, actionable reports aligned to business risk and regulatory expectations
  • Strengthens Red Team capability through mentorship, process maturity, and tradecraft standardization
  • Acts as a trusted deputy and technical authority for the Head of the Adversarial Emulation and Testing team

What will make you successful:
We are seeking professionals with:
  • Bachelor's degree in Computer Science or related field
  • 10+ years of relevant experience
  • Offensive Security Certified Professional (OSCP) or higher Offsec certification
  • Proven experience leading and executing Red Team operations and adversary simulations
  • Advanced skills across network, application, cloud, wireless and hybrid penetration testing
  • Strong command of the exploitation lifecycle (reconnaissance, initial access, persistence, privilege escalation, lateral movement, data exfiltration)
  • Experience with Active Directory exploitation, Linux privilege escalation, kernel-level techniques, and cloud identity systems
  • Ability to chain vulnerabilities and bypass modern endpoint detection technologies
  • Proficiency with Red Team tooling, including C2 frameworks, scanners, phishing platforms and OPSEC tooling
  • Deep understanding of persistence mechanisms, identity-based attacks and stealth tradecraft
  • Familiarity with the MITRE ATT&CK framework and adversary emulation methodologies
  • Strong technical writing and reporting capabilities
  • Strong presentation skills and ability to tailor the message to the intended audience
  • Demonstrated ability to mentor operators and lead technical teams
  • Demonstrated experience supporting Purple Team exercises and detection engineering
  • Demonstrated experience managing or coordinating multi-operator Red Team engagements

Preferred Qualifications:
  • Experience developing custom exploits, scripts, and automation
  • Experience aligning operations with regulatory frameworks such as TIBER or similar threat-led testing standards

Certifications and Professional Development
Recommended / Supported Path
  • Offensive Security Exploit Expert (OSEE)
  • Certified Red Team Operator Level II (CRTO II) or equivalent advanced adversary simulation certifications
  • GIAC Red Team Professional (GRTP), where available
  • Offensive Security Experienced Penetration Tester (OSEP) and/or Offensive Security Web Expert (OSWE)
  • Advanced SANS coursework (e.g., SEC760, SEC660)
  • Cloud exploitation and identity attack specialization training

We support continuous learning and provide structured training, certification sponsorship, and long-term career development opportunities.
Why Join Us
  • Lead adversary emulation and Red Team operations at enterprise scale
  • Operate as a technical authority to support a continuously maturing Red Team program
  • Work alongside a highly technical security organization
  • Influence enterprise-wide security strategy, resilience, and regulatory posture
  • Grow your career through advanced training, certifications, and leadership opportunities
  • Make a measurable, real-world impact on organizational security outcomes
  • A flexible work from home (WFH) schedule

Swift is unable to sponsor an employment authorization for this position now or in the future.
The estimated salary range for a new hire in this position in Virginia is $145,877.00 USD Annual MINIMUM to $270,915.00 USD Annual MAXIMUM. Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. Our compensation packages include a competitive base salary and bonus opportunity for all employees, contingent on personal and company performance. Our generous benefits program includes medical, dental, vision and life insurance with no premium costs for our employees and their families, and retirement plan plus matching 401k.
What we offer
We give you the freedom to be yourself. We are creating an environment of unique individuals - like you - with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyone's voice counts and where you can reach your full potential.
We are committed to an inclusive and accessible recruitment process. If you require a reasonable accommodation related to accessibility during your application or interview, please contact accessibility-Sysgroup@swift.com or indicate this in your application.
Please note that this mailbox is not monitored for general recruitment enquiries and should only be used for accessibility or accommodation-related requests (for example related to vision, hearing or neurodiversity).
All requests are confidential and will not affect your candidacy.
Don't meet every single requirement? At Swift, we are dedicated to building a workplace where people can bring their full selves and ideas to the team, so if you are excited about this role, we encourage you to apply even if you do not meet every single qualification.