Principal Red Team Operator / Leader - Hybrid

Swift Transportation•Manassas, VA

8d•Hybrid

About The Position

We’re the world’s leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value – across borders, through cities and overseas. No other organisation can address the scale, precision, pace and trust that this demands, and we’re proud to support the global economy. We’re unique too. We were established to find a better way for the global financial community to move value – a reliable, safe and secure approach that the community can trust, completely. We’re always striving to be better and are constantly evolving in an ever-changing landscape, without undermining that trust. Five decades on, our vibrant community reflects the complexity and diversity of the financial ecosystem. We innovate diligently, test exhaustively, then implement fast. In a connected and exciting era, our mission has never been more relevant. Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions. Swift is seeking an experienced Red Team leader to research, plan, and conduct advanced adversary emulation campaigns across our enterprise environments and conduct purple teaming activities to evolve the detection capabilities of our internal SOC. This role combines deep hands-on technical knowledge of Red Team operations, tooling, infrastructure, and operator development. You will design and direct large-scale adversary simulations, coordinate multi-operator campaigns, and ensure Red Team tradecraft remains ahead of evolving organizational defenses. You will be responsible not only for executing complex offensive operations, but also for shaping Red Team capability, mentoring operators, and translating offensive outcomes into measurable defensive improvement. In addition to the responsibilities described above, this role includes direct people management responsibilities to include leading, coaching, and developing team members, conducting performance management evaluations, and supporting hiring and work-force planning efforts. What to Expect: In this role you will:

Requirements

Bachelors Degree in Computer Science or related field
10 + years of relevant experience
Offensive Security Certified Professional (OSCP) or higher Offsec certification
Proven experience leading and executing Red Team operations and adversary simulations
Advanced skills across network, application, cloud, wireless and hybrid penetration testing
Strong command of the exploitation lifecycle (reconnaissance, initial access, persistence, privilege escalation, lateral movement, data exfiltration)
Experience with Active Directory exploitation, Linux privilege escalation, kernel-level techniques, and cloud identity systems
Ability to chain vulnerabilities and bypass modern endpoint detection technologies
Proficiency with Red Team tooling, including C2 frameworks, scanners, phishing platforms and OPSEC tooling
Deep understanding of persistence mechanisms, identity-based attacks and stealth tradecraft
Familiarity with the MITRE ATT&CK framework and adversary emulation methodologies
Strong technical writing and reporting capabilities
Strong presentation skills and ability to tailor the message to the intended audience
Demonstrated ability to mentor operators and lead technical teams
Demonstrated experience supporting Purple Team exercises and detection engineering
Demonstrated experience managing or coordinating multi-operator Red Team engagements

Nice To Haves

Experience developing custom exploits, scripts, and automation
Experience aligning operations with regulatory frameworks such as TIBER or similar threat-led testing standards
Offensive Security Exploit Expert (OSEE)
Certified Red Team Operator Level II (CRTO II) or equivalent advanced adversary simulation certifications
GIAC Red Team Professional (GRTP), where available
Offensive Security Experienced Penetration Tester (OSEP) and/or Offensive Security Web Expert (OSWE)
Advanced SANS coursework (e.g., SEC760, SEC660)
Cloud exploitation and identity attack specialization training

Responsibilities

Architect, monitor and execute end-to-end adversary simulations across enterprise, cloud and hybrid infrastructures
Lead and coordinate multi-operator exploitation teams, managing simultaneous kill chains and campaign logistics
Direct complex Red Team engagements from reconnaissance and initial access through persistence, lateral movement and data exfiltration
Design and execute network, application, wireless, physical and cloud penetration tests
Build, operate, and maintain Red Team infrastructure, including command-and-control (C2) ecosystems, phishing platforms and operational security (OPSEC) tooling
Develop and operationalize custom tooling, payloads, automation and exploitation chains
Research and implement advanced evasion techniques against SIEM, EDR, and XDR platforms
Ensure operational realism, safety, and compliance with internal policy, legal constraints, and regulatory requirements
Align Red Team operations with the MITRE ATT&CK framework and threat-led industry testing standards
Lead Purple Team exercises and translate offensive findings into prioritized defensive improvements
Partner with SOC, Threat Intelligence, Risk Management, and Engineering teams to strengthen detection and response maturity
Mentor and develop junior and mid-level operators, sharing techniques, lessons learned, and tooling improvements
Foster an environment of internal information sharing
Interpret technical exploitation in the context of business risk and control effectiveness
Communicate technical risk clearly to security leadership and key stakeholders
Produce high-quality After-Action Reports (AARs), executive summaries, and technical documentation
Ensure that all Red Team related processes adhere to governance and regulatory requirements

Benefits

We support continuous learning and provide structured training, certification sponsorship, and long-term career development opportunities.
A flexible work from home (WFH) schedule
Our compensation packages include a competitive base salary and bonus opportunity for all employee’s contingent on personal and company performance.
Our generous benefits program includes medical, dental, vision and life insurance with no premium costs for our employees and their families, and retirement plan plus matching 401k.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume