1

Adversary Emulation Jobs (NOW HIRING)

Senior Red Team Operator

Cleveland, OH · On-site

$98K - $126K/yr

Serve as the lead operator for adversary emulation activities, executing end-to-end attack scenarios across enterprise environments. * Plan and execute realistic attack chains including initial ...

Principal Operator, Red Team Role Summary The Operator, Red Team is a hands on offensive security practitioner responsible for executing advanced adversary emulation and continuous red teaming ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...

next page

Showing results 1-20

Adversary Emulation information

See salary details

$39

$58

$73

How much do adversary emulation jobs pay per hour?

As of Jun 30, 2026, the average hourly pay for adversary emulation in the United States is $58.47, according to ZipRecruiter salary data. Most workers in this role earn between $51.44 and $65.14 per hour, depending on experience, location, and employer.

What is adversary emulation?

Adversary emulation is a cybersecurity practice where security professionals simulate the tactics, techniques, and procedures of real threat actors to test and improve an organization's defenses. It involves creating realistic attack scenarios to identify vulnerabilities and enhance incident response capabilities, often using tools like red team exercises and threat intelligence. This role requires knowledge of cyber threats, attack methods, and security frameworks.

What is the difference between Adversary Emulation vs Penetration Tester?

AspectAdversary EmulationPenetration Tester
CredentialsCybersecurity certifications, threat intelligence knowledgeSecurity certifications, ethical hacking certifications
Work EnvironmentSimulates real-world adversary tactics in controlled environmentsIdentifies vulnerabilities through controlled testing
Industry UsageUsed in threat simulation, red teaming, and advanced security assessmentsUsed in vulnerability assessments and security audits

Adversary Emulation focuses on mimicking real-world attacker tactics to test defenses, while Penetration Testing identifies vulnerabilities by exploiting weaknesses. Both roles are essential for comprehensive cybersecurity strategies but differ in scope and approach.

What jobs pay 2000 a day?

In the field of adversary emulation, highly specialized roles such as senior cybersecurity consultants or penetration testers can sometimes command daily rates around $2,000, especially for freelance or contract work requiring advanced skills, certifications, and experience. These roles often involve simulated cyberattacks to test security defenses and may require knowledge of tools like Metasploit, Kali Linux, or custom scripting. Such high daily rates are typically associated with independent contractors or consultants working in high-demand environments.

How much do red teamers get paid?

Red teamers, or adversary emulation specialists, typically earn between $80,000 and $150,000 annually, depending on experience, certifications, and location. Senior professionals with advanced skills in penetration testing, scripting, and security tools can earn higher salaries, especially in high-demand industries.

What are the key skills and qualifications needed to thrive in Adversary Emulation, and why are they important?

To thrive in Adversary Emulation, you need deep knowledge of cybersecurity, attack methodologies, and penetration testing, often supported by degrees in computer science or related certifications such as OSCP or CISSP. Familiarity with tools like Cobalt Strike, Metasploit, and SIEM platforms is commonly required. Analytical thinking, creativity, and strong communication skills are essential to mimic real-world threats and report findings clearly. These skills are crucial for accurately simulating adversary tactics, identifying security gaps, and helping organizations strengthen their cyber defenses.

What is the salary of emulation engineer in Intel?

The salary of an emulation engineer at Intel typically ranges from $80,000 to $150,000 annually, depending on experience, location, and level. These roles often require knowledge of hardware design, verification tools, and scripting languages.

What are the typical challenges faced by professionals in Adversary Emulation roles?

Adversary Emulation specialists often encounter the challenge of staying ahead of rapidly evolving attack techniques and threat actor behaviors. They must continuously update their knowledge and adapt their methodologies to realistically mimic current adversaries, which requires ongoing research and collaboration with threat intelligence teams. Additionally, balancing the realism of simulated attacks with organizational risk tolerance and ensuring minimal disruption during assessments can be complex. Working closely with security operations, incident response, and IT teams is essential to maximize the value of each engagement and provide actionable insights for improving defenses.
More about Adversary Emulation jobs
What cities are hiring for Adversary Emulation jobs? Cities with the most Adversary Emulation job openings:
What states have the most Adversary Emulation jobs? States with the most job openings for Adversary Emulation jobs include:
What job categories do people searching Adversary Emulation jobs look for? The top searched job categories for Adversary Emulation jobs are:
Infographic showing various Adversary Emulation job openings in the United States as of June 2026, with employment types broken down into 100% Full Time. Highlights an 89% Physical, 5% Hybrid, and 6% Remote job distribution, with an average salary of $121,624 per year, or $58.5 per hour.
Senior Red Team Operator

Senior Red Team Operator

Sherwin-Williams

Cleveland, OH • On-site

$98K - $126K/yr

Full-time

Medical, Retirement

Posted 9 days ago


Sherwin-Williams rating

7.6

Company rating: 7.6 out of 10

Based on 667 frontline employees who took The Breakroom Quiz

224th of 527 rated manufacturers


Job description


The Threat Management Senior Red Team Operator is a cybersecurity professional responsible for leading and executing end-to-end adversary emulation activities across the enterprise. This role serves as a subject matter expert in simulating realistic attack scenarios, including social engineering, credential access, lateral movement, persistence, and ransomware-based attack paths, to assess and validate the organization's ability to detect, respond to, and withstand real-world threats.
The Red Team Operator is not a traditional penetration tester but instead focuses on full attack chain execution aligned to threat-informed scenarios, business risk, and known control gaps. This role requires a strategic and technical operator capable of planning, coordinating, and executing complex engagements while collaborating closely with Incident Response, Threat Intelligence, Detection Engineering, and Application Security teams to drive measurable improvements in enterprise security posture.
This role reports directly to the Senior Manager - Threat Management
Responsibilities
  • Serve as the lead operator for adversary emulation activities, executing end-to-end attack scenarios across enterprise environments.

  • Plan and execute realistic attack chains including initial access, social engineering, credential access, lateral movement, persistence, and ransomware simulation.

  • Act as the primary subject matter expert during Red Team engagements, guiding execution strategy and adapting based on environmental conditions.

  • Translate threat intelligence, business risk, and known control gaps into prioritized attack scenarios.

  • Collaborate with Threat Intelligence to ensure alignment with real-world adversary tactics, techniques, and procedures (TTPs).

  • Partner with Incident Response and Detection Engineering teams to validate detection, response, and triage effectiveness during simulations.

  • Expand findings beyond isolated vulnerabilities by chaining weaknesses into full attack paths.

  • Document engagement activities, findings, and recommendations with a focus on actionable improvements.

  • Support post-engagement reviews to identify detection gaps, control weaknesses, and response improvements.

  • Assist in the development and refinement of adversary emulation methodologies, playbooks, and procedures.

  • Collaborate with Application Security to validate whether vulnerabilities can be exploited in realistic scenarios.

  • Maintain and operate Red Team infrastructure, tooling, and testing environments.

  • Support tabletop exercises and purple team engagements to enhance organizational readiness.

  • Stay current on emerging adversary techniques, tools, and tradecraft.

This is a remote position.
This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa. Must be legally authorized to work in the country of employment without needing sponsorship for employment work visa status now or in the future.
Job duties include contact with other employees and access confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company's staff, employees, and business relationships.
Qualifications
Formal Education & Certification
  • Bachelor's degree (or foreign equivalent) in a Computer Science, Computer Engineering, or Information Technology field of study (e.g., Information Technology, Electronics and Instrumentation Engineering, Computer Systems Management, Mathematics) or equivalent experience.
  • Relevant certifications such as OSCP, CRTO, GPEN, or similar are preferred.

Knowledge & Experience
  • 5+ years IT/Cybersecurity experience.
  • Proven experience executing adversary emulation, Red Team, or advanced security testing activities.
  • Strong understanding of attack methodologies across enterprise environments, including identity systems, endpoints, networks, and cloud platforms.
  • Experience with social engineering techniques and user-focused attack vectors.
  • Familiarity with lateral movement, privilege escalation, and persistence mechanisms.
  • Understanding of ransomware behaviors and attack patterns.
  • Experience operating within structured attack frameworks such as MITRE ATT&CK.
  • Ability to adapt attack execution based on detection and defensive controls.
  • Strong communication skills with the ability to translate technical findings into business risk.
  • Ability to operate independently and lead complex engagements in dynamic environments.

Preferred Experience
  • Experience with command-and-control frameworks (e.g., Sliver, Cobalt Strike, or similar).
  • Familiarity with identity and Active Directory attack tooling (e.g., BloodHound, Impacket, Mimikatz or equivalent techniques).
  • Experience with reconnaissance and enumeration tools (e.g., Nmap, NetExec, or similar).
  • Exposure to phishing and social engineering platforms (e.g., GoPhish or equivalent).
  • Familiarity with cloud security assessment and attack tooling (e.g., ScoutSuite or similar platforms).
  • Experience managing Red Team infrastructure, including VPS environments, domain setup, and attack staging infrastructure.
  • Exposure to adversary emulation validation platforms or automated testing solutions preferred (e.g., Safe Breach)
  • Experience collaborating with SOC, Detection Engineering, or Incident Response teams in a CSOC or MSSP environment.
  • Must be eighteen years or older.

About Us
At Sherwin-Williams, our purpose is to inspire and improve the world by coloring and protecting what matters. Our paints, coatings and innovative solutions make the places and spaces in our world brighter and stronger. Your skills, talent and passion make it possible to live this purpose, and for customers and our business to achieve great results. Sherwin-Williams is a place that takes its stability, growth and momentum and translates it to possibility for our people. Our people are behind the strength of our success, and we invest and support you in:
Life ... with rewards, benefits and the flexibility to enhance your health and well-being
Career ... with opportunities to learn, develop new skills and grow your contribution
Connection ... with an inclusive team and commitment to our own and broader communities
It's all here for you... let's Create Your Possible
At Sherwin-Williams, part of our mission is to help our employees and their families live healthier, save smarter and feel better. This starts with a wide range of world-class benefits designed for you. From retirement to health care, from total well-being to your daily commute-it matters to us. A general description of benefits offered can be found at http://www.myswbenefits.com/. Click on "Candidates" to view benefit offerings that you may be eligible for if you are hired as a Sherwin-Williams employee.
Compensation decisions are dependent on the facts and circumstances of each case and will impact where actual compensation may fall within the stated wage range. The wage range listed for this role takes into account the wide range of factors considered in making compensation decisions including skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. The wage range, other compensation, and benefits information listed is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable federal, state, and local laws including with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act where applicable.
Sherwin-Williams is proud to be an Equal Employment Opportunity employer. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract.
As a VEVRAA Federal Contractor, Sherwin-Williams requests state and local employment services delivery systems to provide priority referral of Protected Veterans.
Please be aware, Sherwin-Williams recruiting team members will never request a candidate to provide a payment, ask for financial information, or sensitive personal information like national identification numbers, date of birth, or bank account numbers during the application process.

What Sherwin-Williams employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom