Senior Red Team Engineer / Hybrid / Scottsdale

About the Role:

We're hiring a Senior Red Team Engineer to join a trusted payments technology company that powers and protects major financial products used by millions of consumers. This is a hybrid role based in Scottsdale, focused on offensive security, adversary emulation, purple team testing, cloud/web/network campaigns, and real-world attack simulation.

Why This Role Rocks:

This is a high-impact offensive security role where you'll be identifying emerging threats, building proof-of-concept attacks, testing enterprise defenses, and helping security teams understand real-world blast radius. You'll work across red team campaigns, purple team exercises, exploit development, cloud security, detection evasion, and threat replication in a highly regulated financial technology environment.

Required Skills & Experience:

- 6+ years of information security experience

- 2+ years of hands-on offensive security experience

- Red team campaign and adversary emulation experience

- Experience with network, cloud, and web application security testing

- Ability to develop exploits and execute attacks at scale

- Strong scripting experience with Python, PowerShell, and/or Go

- Knowledge of threat modeling, cloud security, cryptography, authentication, authorization, and defensive detection techniques

- Experience writing reports and presenting findings to technical and non-technical stakeholders

- Strong understanding of vulnerability impact, blast radius, and real-world exploitability

- Bachelor's degree in a relevant field or equivalent professional experience

Desired Skills & Experience:

- Experience with adversary emulation toolsets

- Ability to take a single vulnerability and assess organization-wide impact

- MITRE ATT&CK, MITRE CAPEC, and Cyber Kill Chain experience

- Mobile application security testing experience

- Offensive security certifications such as OSCP, ePTX, GPEN, HTB CPTS, or similar

- Cloud security certifications such as AWS SAA, AWS SAP, AWS Security Specialty, or equivalent

What You Will Be Doing:

Tech Breakdown:

- 30% Red team campaigns and adversary emulation

- 20% Purple team exercises and control efficacy testing

- 15% Cloud, web, and network security testing

- 15% Exploit development, scripting, and automation

- 10% Vulnerability impact and blast-radius analysis

- 10% Reporting, remediation guidance, and security team collaboration

Daily Responsibilities:

- 50% Hands-on offensive security testing, attack simulation, and vulnerability validation

- 25% Building scripts, tools, proof-of-concepts, and automation to support engagements

- 15% Partnering with internal security, incident response, and threat intelligence teams

- 10% Reporting findings, documenting risk, and presenting remediation recommendations