Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Principal Red Team Operator
Johnston, RI · On-site
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Principal Red Team Operator
Johnston, RI · On-site
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Principal Red Team Operator
Johnston, RI · On-site
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Principal Red Team Operator
Johnston, RI · On-site
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths * Design and execute campaign based ...
Purple Team information
See salary details
$8.65 - $11.06
10% of jobs
$13.30 is the 25th percentile. Wages below this are outliers.
$11.06 - $13.46
16% of jobs
$13.46 - $15.87
19% of jobs
The median wage is $16.41 / hr.
$15.87 - $18.27
23% of jobs
$20.14 is the 75th percentile. Wages above this are outliers.
$18.27 - $20.67
9% of jobs
$20.67 - $23.08
7% of jobs
$23.08 - $25.48
5% of jobs
$25.48 - $27.88
4% of jobs
$27.88 - $30.29
3% of jobs
$30.29 - $32.69
2% of jobs
$32.69 - $35.10
1% of jobs
$8
$19
$35
How much do purple team jobs pay per hour?
Is 30 too old for cyber security?
How much does a purple team operator make?
What are the key skills and qualifications needed to thrive in the Purple Team position, and why are they important?
To thrive as a Purple Team member, you need a deep understanding of both offensive (red team) and defensive (blue team) cybersecurity techniques, with expertise in penetration testing, threat detection, and incident response. Familiarity with tools such as SIEM platforms, vulnerability scanners, attack simulation frameworks, and certifications like CISSP, CEH, or OSCP are highly valued. Strong problem-solving abilities, effective communication, and the capability to work collaboratively with both security and IT teams are crucial soft skills. These combined skills enable Purple Team professionals to bridge gaps between offensive and defensive security, improving organizational resilience against cyber threats.
What is the purple team work?
What is a Purple Team job?
A Purple Team job involves bridging the gap between Red Team (offensive security) and Blue Team (defensive security) operations. Professionals in this role collaborate with both teams to enhance an organization's overall security posture by simulating attacks, identifying vulnerabilities, and improving detection and response capabilities. Their goal is to ensure that defensive measures are continuously tested and refined based on real-world attack scenarios. This role requires strong knowledge of cybersecurity threats, penetration testing, and incident response.
Can you make $500,000 a year in cyber security?
How does a Purple Team contribute to improving an organization's cybersecurity posture?
A Purple Team plays a unique and strategic role by facilitating collaboration between offensive security experts (Red Team) and defensive teams (Blue Team), helping organizations identify and address vulnerabilities more efficiently. They conduct controlled attack simulations, analyze real-world threat scenarios, and work directly with defenders to strengthen detection and response processes. The team’s efforts often lead to developing stronger security controls and more resilient incident response strategies. For job seekers, this means engaging in diverse projects, learning from both adversarial and defense perspectives, and playing a direct role in enhancing overall cyber defense capabilities.

Other
Medical, Dental, Vision, Retirement, PTO
Posted 20 days ago
Job description
Description
Principal Operator, Red Team
Role Summary
The Operator, Red Team is a hands on offensive security practitioner responsible for executing advanced adversary emulation and continuous red teaming operations across a modern, cloud and AI enabled enterprise. This role plays a critical part in building and scaling the organization's offensive security capability and ensuring the company stays ahead of emerging threats in an evolving risk landscape.
Operating within high impact engagements, this individual will simulate real world attackers, identify and validate attack paths, and partner closely with defensive teams to ensure findings translate into measurable improvements in detection, response, and overall risk posture. Success in this role requires deep technical tradecraft, strong operational discipline, and a mindset focused not just on breaking systems, but on strengthening them through full lifecycle accountability.
This role reports to the Red Team Manager and works closely with Blue Team, Detection Engineering, Threat Intelligence, and Incident Response through Purple Teaming to continuously improve defensive effectiveness.
Locations and Work Arrangement: Candidates must be willing to commute to one of the following hub locations with a hybrid schedule and flexibility across the listed hubs. We are open to supporting relocation assistance for highly qualified candidates who are not currently located near one of these offices:
- Johnston, RI
- Boston, MA
- Iselin, NJ
- Pittsburgh, PA
- Plano or Irving TX
- Phoenix, AZ
- Charlotte, NC
- Manchester, NH
- Cleveland, OH
Key Responsibilities
- Execute Red Team and Purple Team engagements as a primary operator, including adversary emulation, assumed breach scenarios, and intelligence driven attack paths
- Design and execute campaign based attack operations that simulate real world adversary behavior across enterprise environments
- Perform hands on exploitation and abuse across on prem, cloud, SaaS, and hybrid infrastructures
- Simulate advanced attacker tradecraft, including living off the land techniques, identity abuse, privilege escalation, lateral movement, persistence, command and control, and controlled data exfiltration
- Conduct testing against AI enabled systems and workflows, including abuse and misuse of AI assistants, copilots, and automation platforms
- Execute prompt manipulation, indirect prompt injection, and AI model misuse scenarios to evaluate emerging attack surfaces
- Collaborate closely with Detection Engineering and Blue Team during Purple Team engagements to validate detections, identify coverage gaps, and refine response effectiveness
- Translate offensive findings into actionable remediation insights and partner with stakeholders to ensure vulnerabilities are addressed and control effectiveness is improved
- Contribute to full lifecycle execution of engagements, ensuring findings are tracked through resolution and result in measurable risk reduction
- Leverage and extend red team tooling and frameworks and develop targeted scripts or payloads to emulate specific adversary behaviors
- Document findings clearly, including attack paths, control weaknesses, and detection gaps, contributing to engagement reports and technical debriefs
- Operate within defined rules of engagement, safety protocols, and ethical guidelines to ensure realistic and controlled testing
- Stay current on evolving adversary tactics, offensive tooling, and AI security research, incorporating new techniques into ongoing testing efforts
Experience and Skills
- 4 to 8 years of hands on cybersecurity experience with a strong focus on Red Team operations, adversary emulation, or advanced offensive security
- Demonstrated experience executing Red Team or Purple Team engagements in assumed breach or adversary based scenarios
- Proven ability to design and execute attack paths rather than relying solely on automated tools or point in time testing
- Strong technical capability across multiple attack surfaces, including identity and access attacks, endpoint and network exploitation, cloud and SaaS environments, and command and control frameworks
- Understanding of campaign based red teaming and continuous testing approaches, including iterative and regression style validation
- Working knowledge of AI security concepts, including how AI enabled systems, inputs, and workflows can be manipulated or abused
- Ability to collaborate with Blue Team and Detection Engineering to translate offensive activity into improved detection and response capabilities
- Strong operational discipline, including clear documentation, safe execution, and adherence to engagement constraints
- Effective communication skills, with the ability to explain technical findings to security practitioners and cross functional partners
- Demonstrated curiosity, adaptability, and ability to operate in rapidly evolving threat and technology environments
Education and Certifications
- Bachelor's Degree in Security, Computer Science, Information Technology, or related field, or equivalent experience
- Relevant industry certifications such as OSCP, OSEP, CRTO, CRTP, or similar advanced offensive security credentials
- Exposure to AI security testing or AI red teaming through hands on work, training, or research is preferred
Pay Transparency
The salary range for this position is from $150,000 to $210,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to, the budget, work location, relevant skills, and experience.
We offer competitive pay, comprehensive medical, dental, and vision coverage, retirement benefits, maternity and paternity leave, flexible work arrangements, education reimbursement, wellness programs, and more. Citizens' paid time off policy exceeds the mandatory paid sick or paid time away policies of local and state jurisdictions in the United States. For an overview of our benefits, visit our Careers site - https://jobs.citizensbank.com/benefits.
#LI-Citizens1
Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance.
Equal Employment Opportunity
Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.
Education:Why Work for UsEmployment Type: 1ST