Security Consultant – Red Team Operations

Job not on LinkedIn

November 7

Apply Now

Receive Emails with Similar Jobs

THEOS Cyber

WebsiteLinkedInAll Job Openings

Cybersecurity • B2B

THEOS Cyber is a cybersecurity services firm that provides managed threat detection and response, red teaming, penetration testing, cyber engineering, and digital forensics/incident response to help organizations detect, contain, and remediate cyber threats. The company works with enterprise clients across sectors such as casinos, crypto, financial services, fintech, gaming, manufacturing, NGOs, technology, and utilities, and partners with vendors like Microsoft, CrowdStrike, and Claroty. THEOS emphasizes a customer-focused, outcomes-driven approach with 24/7 monitoring, human-led analysis, threat hunting, and tailored engineering and consulting services.

11 - 50 employees

Founded 2019

🔒 Cybersecurity

🤝 B2B

📋 Description

• Execute Red Team engagements for enterprise clients, simulating real-world cyber threats to assess security defenses. • Conduct controlled security testing within the Rules of Engagement (RoE) while adhering to best practices. • Assist in technical decision-making during engagements, supporting the development of attack strategies and methodologies. • Prepare detailed technical reports and executive summaries, outlining security gaps, risk ratings, and actionable recommendations. • Stay up to date on emerging threats, attack techniques, and industry trends to refine Red Team tactics. • Contribute to tool development, scripting, and methodology improvements to enhance team efficiency. • Collaborate with senior Red Team Operators to execute engagements, meet deadlines, and improve methodologies. • Share knowledge with the security community through tools, presentations, white papers, and blogs.

🎯 Requirements

• A minimum of 2 years’ experience in security with a major focus on offensive security, within a consulting environment • The ability to articulate and explain technical scenarios and findings to a non-technical audience • Strong understanding of the MITRE ATT&CK Framework and Unified Kill Chain • Knowledge of Active Directory penetration testing tools, techniques, and methodologies • Expertise in reconnaissance, with skills in gathering and analyzing information about an organization’s systems and networks • Ability to manage and work effectively with different stakeholders including project managers, developers, and non-technical app owners • Passion for cybersecurity and active participation in the security community. • Certifications such as OSCP, OSEP, CRTO, CRTE, PNPT, or similar, are highly preferred. • Basic skillset in creating and customizing malware for simulated attacks. • Experience with coding and scripting languages such as C, C#, Python, PowerShell, and BASH. • Experience or knowledge in conducting phishing attacks and building required infrastructure for phishing campaigns. • Understanding of infrastructure automation using Terraform and Ansible.

🏖️ Benefits

• Flexible, remote work set-up • Professional growth and career development • Trainings & Certifications • High-end laptop • Top-notch medical benefits • Supportive work culture