Red teaming (UK and USA)

To apply: Please send a brief cover letter and your resume to

Every year, we deliver a large number of red teaming engagements for a variety of prestigious clients.
The typical delivery time frame is in the region of weeks to months. We start with a threat intelligence phase in order to ensure maximum realism and then we move on to a multi scenario attack phase. Finally, we place great emphasis on detection and response. We see the blue team as our customer and so we go on site to conduct an incident response maturity assessment with them at the end of the engagement.

Red teamers – we need you!

We are looking for the right individuals to engage in top tier red teaming, STAR & CBEST work.

Individual attributes

The attributes possessed by successful candidates include:

  • The ability to perform under pressure – we have to outfox and outrun the blue team!
  • A willingness to occasionally work unsociable working hours – attackers don’t just work 9-5 and sometimes we need to replicate that!
  • Strong knowledge of the cyber kill chain and common tactics, techniques and procedures often employed by a variety of threat actors.
  • A good understanding of how a typical blue team operates.
  • You will be enthusiastic and able to work well within a high performing team as well as perform to a high standard autonomously.
  • You need to be able to lead complex engagements and communicate externally at the highest levels.
  • You will have an in depth understanding of risk.
  • The ability to write and deliver high quality reports.
  • A thirst for research and being at the cutting edge of the industry.

Skills and experience

Of course, wider security abilities and experience are extremely important. The following illustrate the type background we’re looking for, although we’re very pragmatic in our assessments:

  • 1+ years of red team testing.
  • 5+ years of infrastructure penetration testing.
  • Offensive Security (e.g. OSCP, OSCE), SANS and other recognized industry training and certification is appreciated but not required.
  • SC or DV Cleared
  • In depth knowledge and understanding of common C2 frameworks (e.g. Cobalt Strike, PoshC2, Empire).
  • Ability to work with exploits and vulnerabilities.
  • Exploit creation, skills with scripting, vulnerability analysis and reverse engineering.
  • Experience working with and against many security products, ranging from perimeter security to endpoint protection tools.
  • An in depth level of knowledge of Windows exploitation and Active Directory.

To apply: Please send a brief cover letter and your resume to