Назад
Company hidden
2 дня назад

Information Security Specialist - Red Team Operator

96 900 - 136 800CAD
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
Canada
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Information Security Specialist - Red Team Operator (Red Team/Offensive Security): Execute end-to-end red team engagements to emulate real-world threat actors, validate security controls, and deliver actionable findings with an accent on Windows Active Directory identity abuse, adversary emulation using MITRE ATT&CK TTPs, and safe operation under strict enterprise governance. Focus on planning and running full-scope operations (reconnaissance through objective completion), building custom tooling/payloads, and partnering with Blue/Purple/Threat Intelligence/Incident Response to improve detection and response.

Location: Toronto, Ontario, Canada

Salary: $96,900 - $136,800 CAD

Company

hirify.global is a global financial institution providing banking services across Canada and North America.

What you will do

  • Plan and execute full-scope red team engagements: reconnaissance, initial access, lateral movement, privilege escalation, command-and-control, and objective completion
  • Emulate real-world threat actors using established TTPs (e.g., MITRE ATT&CK)
  • Run phishing and social engineering campaigns within defined legal and ethical constraints
  • Develop and maintain custom tooling, payloads, and infrastructure to support operations
  • Collaborate with Blue Team, Purple Team, Threat Intelligence, and Incident Response partners
  • Produce engagement reports and contribute to detection engineering by identifying control/telemetry/response gaps

Requirements

  • 7+ years of experience in offensive security, red teaming, penetration testing, or equivalent hands-on security roles
  • Strong knowledge of Windows Active Directory environments, identity abuse, and enterprise authentication flows
  • Proven experience with common red team tooling (e.g., C2 frameworks, phishing platforms, custom payloads)
  • Solid understanding of network protocols, operating systems, and endpoint security controls
  • Ability to safely execute adversarial activities in regulated environments with strict scope and approval processes
  • Strong written and verbal communication skills, including report writing and technical walkthroughs

Nice to have

  • Familiarity with EDR, SIEM, and cloud security controls from an attacker’s perspective
  • Experience developing custom tooling in C#, Python, and PowerShell
  • Relevant certifications (e.g., CRTO, OSCP, GXPN, red team ops–focused certs)
  • Experience in financial services, large enterprises, or highly regulated environments

Culture & Benefits

  • Base salary plus discretionary variable compensation award based on business and individual performance
  • Health and well-being benefits, savings and retirement programs, and paid time off
  • Career development support, including regular development conversations and access to an online learning platform
  • Training and onboarding sessions provided for the new role
  • Accommodation available during the interview process

Hiring process

  • Interviews scheduled for candidates of interest
  • Interview outcomes communicated to applicants by email or phone

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →