Red Team Engineer

Red Team Engineer Opportunity

We're looking for a Red Team Engineer with a genuine passion for offensive security - someone who's been doing this for a couple of years, knows their craft, and is ready to take on more. You'll work closely with the Technical Director, leading engagements end-to-end and playing an active role in scoping, designing, and delivering high-quality adversary simulation work.

This is a role for someone who thinks like an attacker, communicates like a consultant, and cares about the quality of their output.

Salary: £60-70k DOE

Location: Remote UK

Security Clearance: SC clearance desirable

What You'll be Doing:

Leading and delivering intelligence-led red team engagements across enterprise and hybrid environments - from initial scoping conversations with clients through to final debrief.

You'll be involved in shaping attack paths, designing realistic threat scenarios, and ensuring engagements are delivered to a consistently high standard. Alongside the technical delivery, you'll be expected to contribute to scoping and help sell the value of red team work to clients - so the ability to communicate clearly, to both technical and non-technical audiences, matters as much as your hands-on skills.

On the technical side, you'll be performing attacks across:

• Active Directory and hybrid identity environments
• Microsoft 365, Azure AD, and cloud-native platforms (AWS, GCP)
• Okta and SaaS applications
• Phishing and social engineering campaigns

You'll also support purple team exercises and produce clear, accurate reporting that tells a compelling attacker story - not just a list of findings.

What We're Looking For:

• Over 2 years of hands-on red team experience - in a consultancy or internal red team function
• Strong technical grounding across on-prem Active Directory and Azure / cloud environments
• Experience leading or contributing to full red team engagements, not just individual tests
• Comfortable in client-facing situations - scoping calls, presenting findings, explaining attacker behaviour in plain language
• A genuine interest in adversary simulation and real-world attacker tradecraft
• Strong written communication skills; your reports should tell a story, not just list CVEs

Desirables:

• CCRTS (or working towards it) - this one carries real weight here
• Familiarity with TIBER-EU, CBEST, GBEST, or similar frameworks
• Experience with C2 frameworks, custom tooling, or evasion techniques
• Any public contributions - blogs, tools, talks, research

Why this role:

You'll get genuine exposure to complex, intelligence-led engagements - not commoditised testing. You'll be working directly with a senior technical lead who cares about doing the work properly, and you'll have real involvement in how engagements are shaped and delivered.

If offensive security is what you want to do long-term, this is a solid place to grow.