Principal Red Team Operator​/Leader - Hybrid

Job Overview

Swift is seeking an experienced Red Team Leader to research, plan, and conduct advanced adversary emulation campaigns across enterprise environments and to perform purple teaming activities to enhance detection capabilities of the internal SOC.

• Design and direct large‑scale adversary simulations and coordinate multi‑operator campaigns.
• Lead and execute end‑to‑end Red Team engagements from reconnaissance to data exfiltration.
• Develop and maintain Red Team infrastructure, including C2 ecosystems, phishing platforms, and OPSEC tooling.
• Build, automate, and operationalize custom tooling, payloads, and exploitation chains.
• Research and implement advanced evasion techniques against SIEM, EDR, and XDR platforms.
• Ensure operational realism, safety, compliance with internal policy, legal constraints, and regulatory requirements.
• Align Red Team operations with MITRE ATT&CK framework and industry testing standards.
• Lead Purple Team exercises, translate findings into prioritized defensive improvements, and collaborate with SOC, Threat Intelligence, Risk Management, and Engineering teams.
• Mentor and develop junior and mid‑level operators; foster an internal information‑sharing environment.
• Communicate technical risk clearly to security leadership and stakeholders.
• Produce high‑quality After‑Action Reports, executive summaries, and technical documentation.
• Perform people‑management duties: coaching, performance evaluations, hiring support, and workforce planning.

• Independent design and leadership of complex Red Team engagements.
• Deliver realistic adversary simulations that measurably improve detection and response maturity.
• Build resilient, covert Red Team infrastructure and tooling ecosystems.
• Develop novel exploitation techniques that stress modern defensive controls.
• Produce clear, actionable reports aligned to business risk and regulatory expectations.
• Strengthen Red Team capability through mentorship, process maturity, and tradecraft standardization.
• Act as a trusted deputy and technical authority for the Head of the Adversarial Emulation and Testing team.

• Bachelor’s degree in Computer Science or related field.
• 10+ years of relevant experience in offensive security.
• Offensive Security Certified Professional (OSCP) or higher.
• Proven experience leading and executing Red Team operations and adversary simulations.
• Advanced skills in network, application, cloud, wireless, and hybrid penetration testing.
• Strong command of the exploitation lifecycle (reconnaissance, initial access, persistence, privilege escalation, lateral movement, data exfiltration).
• Experience with Active Directory exploitation, Linux privilege escalation, kernel‑level techniques, and cloud identity systems.
• Ability to chain vulnerabilities and bypass modern endpoint detection technologies.
• Proficiency with Red Team tooling, including C2 frameworks, scanners, phishing platforms, and OPSEC tooling.
• Deep understanding of persistence mechanisms, identity‑based attacks, and stealth tradecraft.
• Familiarity with the MITRE ATT&CK framework and adversary‑emulation methodologies.
• Strong technical writing, reporting, and presentation skills.
• Demonstrated ability to mentor operators and lead technical teams.
• Experience supporting Purple Team exercises and detection engineering.
• Experience managing or coordinating multi‑operator Red Team engagements.

• Experience developing custom exploits, scripts, and automation.
• Experience aligning operations with regulatory frameworks such as TIBER.
• Advanced certifications:
  Offensive Security Exploit Expert (OSEE), Certified Red Team Operator Level II (CRTOII), GIAC Red Team Professional (GRTP), Offensive Security Experienced Penetration Tester (OSEP), Offensive Security Web Expert (OSWE).
• Advanced SANS coursework (SEC
  760, SEC
  660).
• Cloud exploitation and identity‑attack specialization training.

• Competitive salary: $145,877–$270,915per year (based on experience and location).
• Bonus opportunity tied to personal and company performance.
• Medical, dental, vision, and life insurance with no premium costs for employees and families.
• 401(k) retirement plan with company match.
• Flexible work‑from‑home schedule.
• Structured training, certification sponsorship, and long‑term career development opportunities.

Swift is an equal opportunity employer. We are committed to an inclusive and accessible recruitment process. If you require a reasonable accommodation related to accessibility during your application or interview, please contact accessibility‑ All requests are confidential and do not affect candidacy.