Red Team Security Jobs (NOW HIRING)

We are seeking a hands-on Staff Security Engineer for our Red Team with deep technicalexpertisein running AI-driven adversary operations that measurably improve detection and response processes.You'llexecute at the intersection of offensive security and AI, developing novel Red Team capabilities and running operations against AI-powered systems.

This roleis responsible forworking with other stakeholders in planning, executing, and delivering Red Team, Purple Team, and other Adversary Emulation operations.Outcomes will directly inform detection engineering, incident response readiness, and control validation.You willbe responsible forthe testing/evaluation of AI applications and agents as well as the leveraging of agentic AI to gain efficiencies for Red Team and penetration testing efforts.

Success in this role means you can champion operations end-to-end: shape the scope andobjectives, define safety controls and deconfliction, build or tailor emulation plans, execute advanced operator tradecraft in authorized environments, and deliver clear findings mapped to TTPs, telemetry gaps, and detection opportunities. You are someone with progressive experienceonOffensive Security operations who can consistently translate realistic adversary behavior into practical defensive improvements and repeatable emulation capability.

This role offers a unique opportunity to expand your influence, forge critical alliances, andleadthe evolution of Adversary Emulation programs in a fast-paced environment. Your impact will be felt across the organization as we strengthen our defenses against ever-evolving cyber threats through simulation of real-world cyberattacks andattemptsto breach the organization's defenses.

Responsibilities:

• Participate in AI-focused adversary operations: plan, execute and deliver Red Team, PurpleTeamand other Adversary Emulation operations.

• Scope and design operations: defineobjectives, target scope, success criteria, safety controls.

• Develop and run emulations: build, customize, and execute emulation plans using platforms such as MITRE Caldera, orsimilar products.

• Execute advanced AI-leveraged tradecraft across enterprise environments (identity, endpoints, networks, cloud, SaaS) in a controlled, measurable way.

• Partner with defenders: work directly with Detection Engineering, Threat Intelligence, and Risk Management tovalidatetelemetry coverage, tune detections, improve response playbooks, and close visibility gaps.

• Champion continuous improvement and innovation in adversary operations techniques, tools, and methodologies.

Required Qualifications:

• 8+ years of experience in Offensive Security operations.

• 5+ years of hands-on experience running Red Team, Purple Team, and other Adversary operations in enterprise environments.

• Deep understanding of LLM architecture and familiarity with how models process input, manage context, and generate output.

• Experience with AI frameworks and tools such asPyTorch, TensorFlow, Hugging Face, andLangChain.

• Experience with Azure, AWS,GCPor other cloud providers.

• Strong working knowledge of MITRE ATLAS and ATT&CK, and the ability to translate TTPs into repeatable emulations and measurable detection outcomes.

• Hands-on experience with adversary emulation platforms, including building/maintainingemulations and running operations.

• Demonstrated capability with core operator tradecraft (C2, payload delivery, privilege escalation, lateral movement, persistence, and operational security)appropriate toauthorized testing.

• Extensive use of red team frameworks: Cobalt Strike, Sliver, Metasploit, Empire,BloodHound.

Preferred Qualifications:

• OSCP, OSCE, CRTO, CISSP, or relevant Red Team/offensive security certs.

• GIAC Penetration Testing, Red Team certifications (GCTI, GPEN, GXPN)a plus.

• Breadth and depth of knowledge in security of operating systems, networking and protocols, firewalls, databases and middleware applications, forensics,scriptingand programing.

• Advanced level knowledge of Linux/Mac/Windows operating systems, AWS/Azure cloudenvironmentsand cloud-native resources (ex. Containers, Kubernetes, microservices, serverless functions).

• Experience withconducting reverse engineering on mobile applications, including applications with anti-emulator and obfuscation protections.

Education:

• Bachelor's degree in Cybersecurity, ComputerScienceora relatedfield.