About the Role:
We’re hiring a Senior Red Team Engineer to join a trusted payments technology company that powers and protects major financial products used by millions of consumers. This is a hybrid role based in Scottsdale, focused on offensive security, adversary emulation, purple team testing, cloud/web/network campaigns, and real-world attack simulation.

Why This Role Rocks:
This is a high-impact offensive security role where you’ll be identifying emerging threats, building proof-of-concept attacks, testing enterprise defenses, and helping security teams understand real-world blast radius. You’ll work across red team campaigns, purple team exercises, exploit development, cloud security, detection evasion, and threat replication in a highly regulated financial technology environment.

Required Skills & Experience:

• 6+ years of information security experience
• 2+ years of hands-on offensive security experience
• Red team campaign and adversary emulation experience
• Experience with network, cloud, and web application security testing
• Ability to develop exploits and execute attacks at scale
• Strong scripting experience with Python, PowerShell, and/or Go
• Knowledge of threat modeling, cloud security, cryptography, authentication, authorization, and defensive detection techniques
• Experience writing reports and presenting findings to technical and non-technical stakeholders
• Strong understanding of vulnerability impact, blast radius, and real-world exploitability
• Bachelor’s degree in a relevant field or equivalent professional experience

Desired Skills & Experience:

• Experience with adversary emulation toolsets
• Ability to take a single vulnerability and assess organization-wide impact
• MITRE ATT&CK, MITRE CAPEC, and Cyber Kill Chain experience
• Mobile application security testing experience
• Offensive security certifications such as OSCP, ePTX, GPEN, HTB CPTS, or similar
• Cloud security certifications such as AWS SAA, AWS SAP, AWS Security Specialty, or equivalent

What You Will Be Doing:

Tech Breakdown:

• 30% Red team campaigns and adversary emulation
• 20% Purple team exercises and control efficacy testing
• 15% Cloud, web, and network security testing
• 15% Exploit development, scripting, and automation
• 10% Vulnerability impact and blast-radius analysis
• 10% Reporting, remediation guidance, and security team collaboration

Daily Responsibilities:

• 50% Hands-on offensive security testing, attack simulation, and vulnerability validation
• 25% Building scripts, tools, proof-of-concepts, and automation to support engagements
• 15% Partnering with internal security, incident response, and threat intelligence teams
• 10% Reporting findings, documenting risk, and presenting remediation recommendations