Principal Red Team Operator (Cybersecurity)

TL;DR

Principal Red Team Operator (Cybersecurity): Conducting advanced adversary-simulation exercises to uncover hidden security gaps across cloud, network, and physical environments with an accent on TTPs and threat intelligence. Focus on designing sophisticated attack campaigns, mentoring junior operators, and elevating the maturity of the organization's security testing program.

Location: Must be based in Houston, Texas. The role follows a hybrid workplace model requiring at least four days per week in the office.

Company

A leading independent global investment firm dedicated to rethinking possibilities for clients through distinctive investment management capabilities.

What you will do

• Plan and execute Red Team and Purple Team exercises mimicking real-world threat actor TTPs.
• Design and customize testing tools and scripts to automate security functions.
• Perform penetration tests across applications, networks, and physical environments.
• Incorporate social engineering campaigns, including phishing and physical tailgating, into testing.
• Provide expert consulting to stakeholders on remediation and mitigation strategies.
• Help management shape the future vision and strategy of the testing program.

Requirements

• Minimum 6 years of experience in information security, with at least 4 years in red team testing.
• Proficiency in C, C++, and C# for tool development and malware analysis.
• Strong understanding of the MITRE ATT&CK framework and threat modeling.
• Experience with offensive tools, command and control frameworks, and network penetration testing.
• Must hold OSCP or CRTO certification in good standing.
• Strong knowledge of enterprise-grade technologies, including databases, web applications, and infrastructure.

Culture & Benefits

• Comprehensive health and wellbeing benefits.
• 401(k) matching up to 6% with discretionary supplemental contributions.
• Flexible paid time off and parental leave benefits.
• Employee stock purchase plan.
• Collaborative environment focused on research, curiosity, and continuous security improvement.