Sr. Red Team Engineer​/Hybrid​/Scottsdale

Position: Sr. Red Team Engineer / Hybrid / Scottsdale
$135000 - $165000

Hybrid opportunity in Scottsdale, AZ with a major U.S. financial technology company that powers and protects critical payments infrastructure used by hundreds of millions of consumers and small businesses. Tech stack includes Python, Power Shell, Go, AWS/Azure cloud environments, the MITRE ATT&CK framework, and modern adversary emulation toolsets (Cobalt Strike, CALDERA, Atomic Red Team, and similar). This is a full-time, direct-hire Senior Red Team Engineer role on the Offensive Security team.

This is not a checkbox pen testing role. You'll be doing real adversary emulation against one of the highest-value target environments in the country - payments infrastructure relied on by millions every day. Financially-motivated APTs aren't a hypothetical here; they're the actual threat model. You'll run red team campaigns, partner with the blue team on purple team exercises, build your own tooling, and prove real-world blast radius on findings that matter.

They're looking for an operator who thinks like a threat actor, can pivot from a single vulnerability to org-wide impact, and wants to grow technically without being pushed into management. You'll report directly to the Director of Offensive Security, work alongside a sharp and well-resourced team, and have real influence over how the organization defends itself. Strong work-life balance with flexible PTO, 12 weeks of paid parental leave, and a 100% safe harbor 401(k) match on the first 6% - plus a culture that genuinely supports learning, conference attendance, and certification growth.

Required Skills & Experience

+ 6+ years of information security experience, with at least 2 years in offensive security roles

+ Hands-on experience running red team campaigns and adversary emulation exercises

+ Strong working knowledge of tools and techniques for network, cloud, and web-based campaigns, plus the ability to develop and execute new exploits at scale

+ Solid grasp of threat modeling, cloud security, cryptography, authentication & authorization, and defensive detection techniques (including offensive evasion)

+ Proficiency writing and maintaining scripts in Power Shell, Python, and Go

+ Strong written and verbal communication; able to brief both technical and non-technical audiences

+ Bachelor's degree in a relevant field or equivalent practical experience

Desired Skills & Experience

+ Hands-on experience with adversary emulation frameworks and C2 platforms (Cobalt Strike, Mythic, Sliver, CALDERA, Atomic Red Team, etc.)

+ Deep understanding of MITRE ATT&CK, MITRE CAPEC, and the Cyber Kill Chain

+ Mobile application testing and vulnerability research experience

+ Practical offensive security certifications: OSCP, OSEP, ePTX, GPEN, HTB CPTS, or equivalent

+ Cloud certifications: AWS SAA/SAP, AWS Security Specialty, or equivalent

+ Experience moving from a single vulnerability to identifying organization-wide impact

What You Will Be Doing

Tech Breakdown

+ 40% Cloud (AWS / Azure) offensive security

+ 30% Network & internal infrastructure red teaming

+ 20% Web and application-layer exploitation

+ 10% Mobile application testing

Daily Responsibilities

+ 70% Hands-on (campaigns, exercises, tooling development, exploit research)

+ 20% Team collaboration (purple team work, scoping with internal security partners, IR/CTI support)

+ 10% Reporting and stakeholder communication

The Offer

+ Base salary: $132,000 - $165,000

+ Discretionary incentive / bonus eligible

You will receive the following benefits:

+ Medical, Dental, and Vision Insurance (PPO/HDHP options with HSA company contributions)

+ Flexible PTO for exempt employees, plus 11 paid company holidays and a paid volunteer day

+ 401(k) with 100% safe harbor match on first 6% (immediate eligibility)

+ 12 weeks paid parental leave

+ Family planning benefits including fertility, adoption, and surrogacy support

+ Commuter and dependent care FSA options