Principal - Red Team Operator

About Invesco

As one of the world’s leading independent global investment firms, Invesco is dedicated to rethinking possibilities for our clients. By delivering the combined power of our distinctive investment management capabilities, we provide a wide range of investment strategies and vehicles to our clients around the world. If you're looking for challenging work, intelligent colleagues, and exposure across a global footprint, come explore your potential at Invesco.

• Flexible paid time off
• Hybrid work schedule
• 401(K) matching of 100% up to the first 6% with a discretionary supplemental contribution
• Health & wellbeing benefits
• Parental Leave benefits
• Employee stock purchase plan

Our Red Team is a high‑impact security group that simulates real‑world cyber threats to help the organization stay ahead of emerging risks. The team operates like an in‑house “ethical adversary,” identifying weaknesses across cloud, network, application, and physical environments. By partnering closely with security operations and technology teams, they help strengthen defenses and improve response readiness. This group thrives on curiosity, collaboration, and creativity—constantly researching new attack techniques to keep the organization resilient.

The Principal Red Team Operator is a senior technical role who conducts advanced adversary‑simulation exercises to uncover hidden security gaps. In this role, you’ll design and execute operations that mimic sophisticated attackers, perform penetration tests, and build test plans driven by real threat intelligence. You’ll collaborate with stakeholders across the organization, provide expert guidance on remediation, and deliver clear, actionable reporting.

As a senior member of the team, you’ll also help shape testing strategy, mentor junior operators, and elevate the maturity of the program.

• Solicit input from stakeholders to identify testing needs and establish clear, well‑defined objectives and scope for testing
• Plan and execute Red Team operations and Purple Team exercises that mimic the Tactics, Techniques, and Procedures (TTPs) used by threat actors.
• Write reports based on exercise and testing output.
• Provide consulting services to stakeholders on remediation and mitigation strategies.
• Research industry trends and news sources for emerging threat patterns, attack techniques, and vulnerabilities.
• Write and customize testing tools and scripts to automate testing functions.
• Incorporate social engineering (e.g. phishing, vishing, and physical tailgating) into campaigns to exploit human vulnerabilities.
• Perform penetration tests on applications, networks, or other types of systems.
• Build threat models for various types of systems.
• Helping management develop the future vision for the testing program.
• Build positive relationships with peers and operations teams whose controls are under evaluation.
• Perform after hours testing in accordance with business requirements
• Other duties as assigned.

• Minimum 6 years of relevant experience in information security with 4 years in red team testing
• Prior experience with offensive tools, network penetration testing tools, scripting languages, command and control frameworks, programming languages (C, C++, C#), software vulnerabilities, exploits and malware development.
• Prior experience leveraging threat intelligence for operations planning such as TIBER or Advance Red Team testing frameworks.
• Proficient operational understanding of how to ascertain, validate, and employ data from sources that are generally available to the public.
• Fluent in the techniques that hackers utilize to attack an organization and understand how to pull information from large data sets and how to structure information for reuse
• Possess a solid understanding of enterprise-grade technologies including operating systems, databases, web applications & applicable monitoring tools
• Strong Network infrastructure & Security configuration knowledge.
• Prior experience of vulnerability management and application security.
• Familiarity with MITRE ATT&CK framework.
• OSCP or CRTO in good…