[Remote] Associate Principal Red Team Consultant

100% Remote Full-time Open now

Note: This is a remote job open to candidates in the USA. UltraViolet Cyber is a leading platform-enabled unified security operations company providing comprehensive security solutions. They are seeking a mid-to-senior Red Team Associate Principal Consultant to lead and execute sophisticated adversary simulations for enterprise clients. The role requires deep technical execution and effective communication of risk to stakeholders.

Responsibilities

  • Lead and participate in full-lifecycle red team engagements: scoping, planning, execution, and reporting
  • Simulate advanced persistent threat (APT) tactics against enterprise network and cloud environments
  • Execute multi-stage attack chains spanning network compromise, Active Directory abuse, cloud environments, and data exfiltration
  • Design and conduct social engineering campaigns including phishing, vishing, and smishing operations
  • Conduct adversary simulation against hybrid and cloud-native environments (AWS, Azure, GCP)
  • Develop custom tooling, payloads, and tradecraft to evade modern defensive controls (EDR, SIEM, CASB)
  • Produce high-quality, actionable reports tailored to both technical and executive audiences
  • Collaborate with blue team and MDR teams to deliver purple team assessments
  • Mentor junior consultants and contribute to internal capability development
  • Stay current with emerging threat actor TTPs, tooling, and industry research

Skills

  • US Citizenship is Required
  • 4+ years in offensive security, penetration testing, or red team roles
  • Proven experience leading or independently executing full red team engagements (not just component pentests)
  • Strong command of red teaming methodologies and attack patterns
  • Proficiency with common red team toolkits: Cobalt Strike, Metasploit, Sliver, Havoc, or equivalent C2 frameworks
  • Ability to develop and modify offensive tooling (Python, PowerShell, C/C#, or Go)
  • Deep knowledge of Active Directory attack paths: Kerberoasting, AS-REP roasting, ACL abuse, DCSync, delegation attacks
  • Experience with internal network lateral movement, credential access, and persistence mechanisms
  • Familiarity with common enterprise security controls and bypass techniques (AV/EDR evasion, AMSI bypass, LOLBins)
  • Understanding of network protocols: SMB, LDAP, Kerberos, DNS, RDP, WinRM
  • Hands-on experience attacking cloud infrastructure in at least one major provider (AWS, Azure, or GCP)
  • Familiarity with cloud-specific attack paths
  • Experience with cloud red team tooling
  • Experience designing and executing phishing simulation campaigns (credential harvesting, malware delivery)
  • Familiarity with pretexting, vishing, and physical access scenarios
  • Understanding of awareness evasion techniques (email gateway bypass, domain aging, spoofing controls)
  • Strong written and verbal communication — ability to write clear, concise, and technically accurate reports
  • Comfortable presenting findings to C-suite and board-level stakeholders
  • Self-directed; able to manage engagement workload with minimal supervision
  • Collaborative team player with a mentorship mindset
  • Ability to work within legal and ethical boundaries and maintain client confidentiality at all times
  • Willingness to travel for on-site engagements as needed (up to 25%)
  • Relevant certifications: OSCP, CRTO, CRTE, PNPT, CRTL, or equivalent
  • Cloud security certifications (AWS Security Specialty, AZ-900+, or similar) a plus
  • Prior consulting or professional services experience in a client-facing capacity
  • Experience with TIBER-EU, CBEST, or other regulated red team frameworks
  • Published research, CVEs, or conference presentations (DEF CON, Black Hat, etc.)
  • Familiarity with threat intelligence and threat actor emulation planning

Benefits

  • 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
  • Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
  • Group Term Life, Short-Term Disability, Long-Term Disability
  • Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
  • Participation in the Discretionary Time Off (DTO) Program
  • 11 Paid Holidays Annually

Company Overview

  • UltraViolet Cyber is a platform-enabled unified security operations firm that offers a full range of security operations solutions. It was founded in 2023 and is headquartered in McLean, Virginia, USA, with a workforce of 501-1000 employees. Its website is https://www.uvcyber.com.