Red Team Penetration Tester
New York Technology Partners
The Adversarial Red Team Associate Principal is responsible for strengthening security posture by conducting covert black-box and occasional white-box assessments across network, web application, cloud, mobile, physical, and social engineering domains, while coordinating with Security and IT teams to address and retest remediated findings. Ideal candidates will bring deep expertise in areas such as OSINT, penetration testing, C2 infrastructure development, evasion techniques, and custom scripting, along with strong communication skills and a commitment to staying ahead of emerging threats. All team members are held to the highest standards of ethics, integrity, and accountability, and are expected to foster a collaborative, bar-raising dynamic with defensive security teams. Primary Duties and Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Execute comprehensive Red Team simulations including network/application penetration testing, cloud security, social engineering, physical security, mobile testing, and OSINT within defined rules of engagement. Develop and deploy Command and Control (C2) infrastructure using evasion and obfuscation techniques to test and enhance Cyber Defense detection capabilities. Leverage AI/LLM tooling to accelerate offensive research, exploit development, and overall Red Team effectiveness. Conduct ad-hoc white-box testing on pre-production and in-development infrastructure, and validate remediated findings with IT owners. Perform threat modeling, security risk assessments, and independent reviews of OCC's security, network, and applications. Develop clear, evidence-based reports with actionable remediation recommendations and debrief stakeholders on findings. Ensure security controls and testing activities align with applicable regulations, industry best practices, and OCC policies and procedures. Cross-train Red Team members and other Security/IT teams on adversarial threats, attack vectors, and remediation strategies. Stay current on emerging threats, threat intelligence, and attack techniques, advising IT leadership on mitigation approaches. Support audits, contribute to security roadmap development, and mentor team members while fostering a collaborative team environment. Perform other duties as assigned. Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. High energy, results driven person with an attention to detail. Strong enthusiasm to stay up-to-date on Threat Intelligence and learn new adversarial TTPs to simulate on a regular basis. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Exceptional tactical planning skills based on long-term strategic goals. Exceptional verbal/written communication skills to be able to articulate ideas clearly and concisely. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Command and Control (C2) Infrastructure Development, Cyber Defense Evasion techniques, Social Engineering, Open-Source Intelligence, Basic Emissions Testing, Physical Security Testing, and more. Strong working knowledge of Artificial Intelligence (AI) large language models (LLMs) and agentic AI systems – including how autonomous and tool‑using agents, orchestration frameworks, and protocols like Model Context Protocol (MCP) operate – and the ability to evaluate how these technologies can accelerate offensive security tradecraft across reconnaissance, exploit and payload development, adversarial tooling development, and enhance triaging for security findings. Proven due diligence and research ability via open-source avenues and technology. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management. Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language. Ability to facilitate meetings and conversations. Ability to work with business users, understand their needs and translate those needs to the final project deliverables. Nice to have experience working on critical infrastructure in a regulated environment. Technical Skills Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing. Demonstrated exploit, payload, and attack framework development experience. Strong knowledge of EDR detection capabilities such as Crowdstrike/Carbon Black, etc. and associated defense evasion techniques for behavioral based alerting. Strong working knowledge of Artificial Intelligence (AI) large language models (LLMs) and agentic AI systems – including how autonomous and tool‑using agents, orchestration frameworks, and protocols like Model Context Protocol (MCP) operate – and the ability to evaluate how these technologies can accelerate offensive security tradecraft across reconnaissance, exploit and payload development, adversarial tooling development, and enhance triaging for security findings. Strong proficiency in social engineering and intelligence gathering. Strong experience with custom scripting (Python, Powershell, Bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nighthawk, Nmap, Qualys, Nessus, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Ida Pro, Ghidra, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Yersinia, Impacket, etc.). Track record of vulnerability research and CVE assignments. Knowledge of Windows APIs and Living off the Land (LOL) Binaries. Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio). Proficient in basic document management in a Microsoft SharePoint environment. Experience with dedicated document management tools (e.g., DMS, PolicyTech) is a plus. Experience with using ServiceNow is a plus. Education and/or Experience BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required. 3+ Years’ experience of Penetration testing. 5+ Years’ experience in Information Assurance or Cybersecurity work environments. Certificates or Licenses #J-18808-Ljbffr New York Technology Partners
- The Office of the Comptroller of the Currency (OCC) is seeking an Adversarial Red Team Associate Principal to strengthen security posture through covert and white-box assessments across networks, cloud, applications, and physical security. Ideal candidates will apply deep...SuggestedWork at office
- New York Technology Partners in Chicago, IL seeks an Associate Principal, Adversarial Red Team to lead advanced security assessments across network, cloud, and applications. The role blends hands-on testing with adversarial tooling and C2 infrastructure development. You...SuggestedFull time
$140k - $160k
A leading financial service client is seeking a Security Engineer to lead Red team exercises against hybrid environments, utilizing advanced threat intelligence. This role requires approximately 8 years of experience with industry-standard Red Team testing tools and a...SuggestedFull time- Job Title #1: Associate Principal, Adversarial Red Team Location: Chicago, IL (Onsite - Hybrid - 3 days in a week) Position Type: Fulltime... ...Red Team simulations including network/application penetration testing, cloud security, social engineering, physical security...SuggestedPermanent employmentFull timeWork at office3 days per week
- ...will be to plan, execute, and report on penetration tests targeting high-impact applications... ...security, and device/product engineering teams to clarify findings, support remediation... ...test reports and mentoring junior testers. ~ Continuous learner who keeps up with...SuggestedRemote work
$205k
...lead assessments of security resilience across various technologies. You'll analyze threats, develop proof-of-concepts, and mentor team members while ensuring high standards in defensive security strategies. Your role involves utilizing both innovative thinking and detailed...- ...Security is looking for talented professionals in offensive and defensive security to enhance their Security Services team. The role involves extensive penetration testing, risk assessment, and developing tailored security solutions. Applicants should have strong expertise in...
- LaSalle Network is looking for a Pen Tester to help enhance security by identifying vulnerabilities... ...will have over 4 years of experience in penetration testing and a strong understanding of... ...with engineering and security teams to identify and resolve vulnerabilities....
$140k - $160k
...by Hearst. Fitch's Technology & Data Team is a dynamic department where innovation... ...Group is currently seeking a Senior AI Penetration Tester based out of our Chicago office. How... ...techniques, and AI security threats; support red team exercises and threat simulation...Temporary workWork at officeImmediate start2 days per week3 days per week- ...across cloud, on‑prem, and mobile platforms, performing real‑world penetration tests and post‑exploitation analysis. You will leverage tools... ...in Ruby, Python, or GoLang. Occasional travel and collaboration with compliance teams are expected. #J-18808-Ljbffr Urbane Security
- ...growth. We are a company of doers. Leaders roll up their sleeves, teams work flat, and everyone contributes to what ships. Titles don't... ...threat modeling, and adversarial testing. You'll build and run red team exercises against our AI systems, model attack vectors that...Full timeFor contractorsRemote workDay shift
- ...lead underwriting efforts. The role involves balancing risk exposure, supporting product evolution, and collaborating with a dedicated team. Ideal candidates will have 5-8 years of underwriting experience and a relevant degree. We offer a competitive salary and a...
$78k - $135k
...and we support clients around the world. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem‑solvers who are hungry to learn, grow, and make a difference. What You'll Do Manage Plan of Action &...Work experience placementWork at officeFlexible hours$203.2k - $239.1k
...As the senior technical leader, you will partner with Product Management, Engineering, Experience Design, Data & AI, and Consulting teams to define technology roadmaps, establish engineering standards, and ensure our products are secure, scalable, and built for long-term...Local areaImmediate startFlexible hours$500 per month
...Become a Professional Game Tester We're looking for passionate gamers to join our elite team of mobile game testers. Get paid to play and test the latest games before they launch. $500+ Avg Monthly Pay 5-10 Hours/Week 100% Remote Position Requirements:...Remote work10 hours per week$150k - $170k
...Microsoft 365 Platform Manager to lead the architectural direction and governance of the M365 platform. This role involves coaching a team, ensuring coherent operations, and partnering with various stakeholders on AI-enabled experiences. With a salary range of $150,000...$150k - $170k
...Microsoft 365 Platform Manager to ensure the architectural integrity of their Microsoft 365 platform. This role involves leading the M365 team, defining architectural standards, and providing governance for operational decisions. Candidates should have deep expertise in...- Jobtailor in Oak Brook, IL is seeking a senior software development leader to manage day-to-day execution for one team and drive delivery across iOS, Android, and Web platforms. The role emphasizes planning, documentation, and adherence to agile processes while mentoring...
- ...cybersecurity experts, but above all else, we are a team of passionate problem‑solvers who are... ...a team to both lead and support Perform penetration testing on applications with complex... ...across both iOS and Android. Red/Purple Team tradecraft and methodologies....Work at officeFlexible hours
$117.6k - $161.7k
...and use it. As a Senior Offensive Security Engineer, AI-Driven Red Team & Tooling, you will develop AI and agentic tooling that makes... ...offensive operations faster and broader, then prove it in real penetration tests, purple‑team exercises, and red‑team operations. You...Temporary workWork from home$145k - $192.5k
...Description Bank of America’s Global Information Security (GIS) team is looking for a Cyber Threat Defense AI Security Senior Engineer... ...Collaborate with offensive security teams to develop AI‑enhanced red teaming and adversarial emulation capabilities. Drive innovation...Shift workDay shift- ...Master/Delivery Lead to coordinate delivery across multiple Scrum teams supporting Track A and Track B workstreams. You will drive Agile... .... You will provide hands-on direction to offshore developers, testers, and analysts, orchestrate cross-team dependencies, support early...
- Join the Erie team! Motivated by the belief that healthcare is a human right, we provide high quality affordable care to support healthier people, families, and communities. Erie delivers holistic care to help every member of the family stay healthy and active from infancy...
- ...willing to travel for on‑site collection efforts as well as work in our in‑office forensics lab and data center. The role supports a lean‑team approach with an employee‑centric culture that encourages professional growth. Skills and attributes for success Perform forensic...Full timeWork at officeRemote workFlexible hours
$140k - $160k
...Technologies, Inc. About the Company: A Leading Financial Service Client is looking to hire a strong Security Engineer who can lead Red team exercises against a hybrid environment using threat intelligence and the MITRE Telecommunication&CK Framework. Responsibilities:...Full time- ...Architectures. Certifications such as AWS Certified Security Specialty (SCS‑C01) is a plus Good understanding of an attacker progression (Red Team or Pentest). Certifications such as CEH, OSCP, OSCE is a plus Strong knowledge in networking and ability to understand L3 to L7...
$145k
...and automation to streamline the incident analysis and response process Engineer war‑gaming and tabletop activities as part of red/blue team exercises to strengthen and test incident response playbooks, evaluating and improving the firm's incident response capabilities...Work at office- ...as an in‑office presence at the primary firm office, which includes the forensics lab and data center. The firm prioritizes a lean‑team approach and a strongly employee‑centric culture that encourages professional growth and active roles for all team members. CGS brings...Full timeWork at officeRemote workFlexible hours
$78k - $135k
...Management Specialist to oversee compliance and security across platforms. This role includes managing assessments, collaborating with teams, and ensuring compliance with frameworks like FedRAMP and PCI. The ideal candidate has significant experience in vulnerability...Flexible hours- ...ideal candidate will have experience in Agile Product Lifecycle Management and will be responsible for managing projects and guiding teams to adopt and improve Agile practices. Join a dynamic team focused on delivering high-caliber professionals and providing innovative...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Red Team Penetration Tester. Be the first to apply!

