uvcyber - Associate Principal Red Team Consultant
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• Core Offensive Security- 4+ years in offensive security, penetration testing, or red team roles- Proven experience leading or independently executing full red team engagements (not just component pentests)- Strong command of red teaming methodologies and attack patterns- Proficiency with common red team toolkits: Cobalt Strike, Metasploit, Sliver, Havoc, or equivalent C2 frameworks- Ability to develop and modify offensive tooling (Python, PowerShell, C/C#, or Go) • Network & Infrastructure- Deep knowledge of Active Directory attack paths: Kerberoasting, AS-REP roasting, ACL abuse, DCSync, delegation attacks- Experience with internal network lateral movement, credential access, and persistence mechanisms- Familiarity with common enterprise security controls and bypass techniques (AV/EDR evasion, AMSI bypass, LOLBins)- Understanding of network protocols: SMB, LDAP, Kerberos, DNS, RDP, WinRM • Cloud Environments- Hands-on experience attacking cloud infrastructure in at least one major provider (AWS, Azure, or GCP)- Familiarity with cloud-specific attack paths- Experience with cloud red team tooling • Relevant certifications: OSCP, CRTO, CRTE, PNPT, CRTL, or equivalent- Cloud security certifications (AWS Security Specialty, AZ-900+, or similar) a plus- Prior consulting or professional services experience in a client-facing capacity- Experience with TIBER-EU, CBEST, or other regulated red team frameworks- Published research, CVEs, or conference presentations (DEF CON, Black Hat, etc.)- Familiarity with threat intelligence and threat actor emulation planning • Strong written and verbal communication — ability to write clear, concise, and technically accurate reports- Comfortable presenting findings to C-suite and board-level stakeholders- Self-directed; able to manage engagement workload with minimal supervision- Collaborative team player with a mentorship mindset- Ability to work within legal and ethical boundaries and maintain client confidentiality at all times- Willingness to travel for on-site engagements as needed (up to ~25%) • We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable. • UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status. • If you want to make an impact, UltraViolet Cyber is the place for you!
Responsibilities
• Lead and participate in full-lifecycle red team engagements: scoping, planning, execution, and reporting- Simulate advanced persistent threat (APT) tactics against enterprise network and cloud environments- Execute multi-stage attack chains spanning network compromise, Active Directory abuse, cloud environments, and data exfiltration- Design and conduct social engineering campaigns including phishing, vishing, and smishing operations- Conduct adversary simulation against hybrid and cloud-native environments (AWS, Azure, GCP)- Develop custom tooling, payloads, and tradecraft to evade modern defensive controls (EDR, SIEM, CASB)- Produce high-quality, actionable reports tailored to both technical and executive audiences- Collaborate with blue team and MDR teams to deliver purple team assessments- Mentor junior consultants and contribute to internal capability development- Stay current with emerging threat actor TTPs, tooling, and industry research
No credit card. Takes 10 seconds.