ZipRecruiter

Log In

1

Adversary Emulation Jobs (NOW HIRING)

ECS

Senior Penetration Testing Lead

Fairfax, VA · On-site

$117K - $160K/yr

... advanced adversary emulation activities including lateral movement analysis, privilege escalation, command-and-control simulation, and post-exploitation impact assessment while maintaining ...

ECS

Senior Penetration Testing Lead

Falls Church, VA · On-site

$122K - $167K/yr

This is a senior technical leadership role demanding deep expertise in adversary emulation, red team operations, and government authorization processes, with direct responsibility for protecting ...

next page

Showing results 1-20

People also search for

All JobsAdversary Emulation Jobs

Adversary Emulation information

See salary details

$39

$58

$73

How much do adversary emulation jobs pay per hour?

As of Jun 6, 2026, the average hourly pay for adversary emulation in the United States is $58.47, according to ZipRecruiter salary data. Most workers in this role earn between $51.44 and $65.14 per hour, depending on experience, location, and employer.

What is adversary emulation?

Adversary emulation is a cybersecurity practice in which security professionals simulate real-world cyber attackers, or adversaries, to test and improve an organization’s defenses. By mimicking the tactics, techniques, and procedures (TTPs) used by actual threat actors, adversary emulation helps organizations identify vulnerabilities, assess detection and response capabilities, and strengthen their overall security posture. These exercises are often based on threat intelligence and frameworks like MITRE ATT&CK to ensure realistic scenarios.

What is the difference between Adversary Emulation vs Penetration Tester?

AspectAdversary EmulationPenetration Tester
CredentialsCybersecurity certifications, threat intelligence knowledgeSecurity certifications, ethical hacking certifications
Work EnvironmentSimulates real-world adversary tactics in controlled environmentsIdentifies vulnerabilities through controlled testing
Industry UsageUsed in threat simulation, red teaming, and advanced security assessmentsUsed in vulnerability assessments and security audits

Adversary Emulation focuses on mimicking real-world attacker tactics to test defenses, while Penetration Testing identifies vulnerabilities by exploiting weaknesses. Both roles are essential for comprehensive cybersecurity strategies but differ in scope and approach.

What are the key skills and qualifications needed to thrive in Adversary Emulation, and why are they important?

To thrive in Adversary Emulation, you need deep knowledge of cybersecurity, attack methodologies, and penetration testing, often supported by degrees in computer science or related certifications such as OSCP or CISSP. Familiarity with tools like Cobalt Strike, Metasploit, and SIEM platforms is commonly required. Analytical thinking, creativity, and strong communication skills are essential to mimic real-world threats and report findings clearly. These skills are crucial for accurately simulating adversary tactics, identifying security gaps, and helping organizations strengthen their cyber defenses.

What are the typical challenges faced by professionals in Adversary Emulation roles?

Adversary Emulation specialists often encounter the challenge of staying ahead of rapidly evolving attack techniques and threat actor behaviors. They must continuously update their knowledge and adapt their methodologies to realistically mimic current adversaries, which requires ongoing research and collaboration with threat intelligence teams. Additionally, balancing the realism of simulated attacks with organizational risk tolerance and ensuring minimal disruption during assessments can be complex. Working closely with security operations, incident response, and IT teams is essential to maximize the value of each engagement and provide actionable insights for improving defenses.
More about Adversary Emulation jobs
What cities are hiring for Adversary Emulation jobs? Cities with the most Adversary Emulation job openings:
What states have the most Adversary Emulation jobs? States with the most job openings for Adversary Emulation jobs include:
What job categories do people searching Adversary Emulation jobs look for? The top searched job categories for Adversary Emulation jobs are:
Adversary Emulation jobs near you
Infographic showing various Adversary Emulation job openings in the United States as of May 2026, with employment types broken down into 96% Full Time, 2% Part Time, and 2% Contract. Highlights an 90% Physical, 6% Hybrid, and 4% Remote job distribution, with an average salary of $121,624 per year, or $58.5 per hour.
Sr. Red Team Engineer / Hybrid / Scottsdale

Sr. Red Team Engineer / Hybrid / Scottsdale

Motion Recruitment

Scottsdale, AZ • Hybrid

$132K - $165K/yr

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted 3 days ago

Job description

Hybrid opportunity in Scottsdale, AZ with a major U.S. financial technology company that powers and protects critical payments infrastructure used by hundreds of millions of consumers and small businesses. Tech stack includes Python, PowerShell, Go, AWS/Azure cloud environments, the MITRE ATT&CK framework, and modern adversary emulation toolsets (Cobalt Strike, CALDERA, Atomic Red Team, and similar). This is a full-time, direct-hire Senior Red Team Engineer role on the Offensive Security team.

This is not a checkbox pen testing role. You'll be doing real adversary emulation against one of the highest-value target environments in the country — payments infrastructure relied on by millions every day. Financially-motivated APTs aren't a hypothetical here; they're the actual threat model. You'll run red team campaigns, partner with the blue team on purple team exercises, build your own tooling, and prove real-world blast radius on findings that matter. They're looking for an operator who thinks like a threat actor, can pivot from a single vulnerability to org-wide impact, and wants to grow technically without being pushed into management. You'll report directly to the Director of Offensive Security, work alongside a sharp and well-resourced team, and have real influence over how the organization defends itself. Strong work-life balance with flexible PTO, 12 weeks of paid parental leave, and a 100% safe harbor 401(k) match on the first 6% — plus a culture that genuinely supports learning, conference attendance, and certification growth.

Required Skills & Experience

  • 6+ years of information security experience, with at least 2 years in offensive security roles
  • Hands-on experience running red team campaigns and adversary emulation exercises
  • Strong working knowledge of tools and techniques for network, cloud, and web-based campaigns, plus the ability to develop and execute new exploits at scale
  • Solid grasp of threat modeling, cloud security, cryptography, authentication & authorization, and defensive detection techniques (including offensive evasion)
  • Proficiency writing and maintaining scripts in PowerShell, Python, and Go
  • Strong written and verbal communication; able to brief both technical and non-technical audiences
  • Bachelor's degree in a relevant field or equivalent practical experience

Desired Skills & Experience

  • Hands-on experience with adversary emulation frameworks and C2 platforms (Cobalt Strike, Mythic, Sliver, CALDERA, Atomic Red Team, etc.)
  • Deep understanding of MITRE ATT&CK, MITRE CAPEC, and the Cyber Kill Chain
  • Mobile application testing and vulnerability research experience
  • Practical offensive security certifications: OSCP, OSEP, ePTX, GPEN, HTB CPTS, or equivalent
  • Cloud certifications: AWS SAA/SAP, AWS Security Specialty, or equivalent
  • Experience moving from a single vulnerability to identifying organization-wide impact

What You Will Be Doing

Tech Breakdown

  • 40% Cloud (AWS / Azure) offensive security
  • 30% Network & internal infrastructure red teaming
  • 20% Web and application-layer exploitation
  • 10% Mobile application testing

Daily Responsibilities

  • 70% Hands-on (campaigns, exercises, tooling development, exploit research)
  • 20% Team collaboration (purple team work, scoping with internal security partners, IR/CTI support)
  • 10% Reporting and stakeholder communication

The Offer

  • Base salary: $132,000 – $165,000
  • Discretionary incentive / bonus eligible

You will receive the following benefits:

  • Medical, Dental, and Vision Insurance (PPO/HDHP options with HSA company contributions)
  • Flexible PTO for exempt employees, plus 11 paid company holidays and a paid volunteer day
  • 401(k) with 100% safe harbor match on first 6% (immediate eligibility)
  • 12 weeks paid parental leave
  • Family planning benefits including fertility, adoption, and surrogacy support
  • Commuter and dependent care FSA options

Apply