Red Team & Security Assessment Specialist – Penetration Testing, Adversary

Job Title: Red Team & Security Assessment Specialist – Penetration Testing, Adversary Simulations

Location: United Arab Emirates

Experience: 7+ Years

Job Type: Long-Term | On-site

Department: Offensive Security / Cyber Defense

Job Summary

We are seeking a skilled and experienced Red Team & Security Assessment Specialist to conduct advanced penetration testing, adversary simulations, and security assessments across enterprise networks, applications, and cloud infrastructure. The ideal candidate will emulate real-world attack scenarios to uncover vulnerabilities, evaluate defense mechanisms, and work with stakeholders to mitigate security gaps.

Key Responsibilities

Lead and execute advanced red team operations, simulating real-world threat actor tactics (TTPs) based on MITRE ATT&CK framework.

Perform penetration testing across web applications, internal/external networks, APIs, cloud platforms (AWS, Azure, GCP), and mobile environments.

Conduct social engineering exercises, phishing simulations, and physical security assessments where applicable.

Identify and exploit vulnerabilities using both commercial and open-source tools (e.g., Cobalt Strike, Metasploit, Burp Suite, BloodHound, Nmap).

Develop custom exploit scripts, payloads, or post-exploitation tools to support red teaming engagements.

Deliver detailed reports, risk ratings, and remediation guidance to technical and executive stakeholders.

Collaborate with blue team/SOC to strengthen detection and response capabilities and assist in purple team exercises.

Stay current with emerging threats, vulnerabilities, and offensive security techniques; contribute to the continuous improvement of testing methodologies.

Support security audits and regulatory requirements by providing evidence of threat simulation and assessment activities.

Required Skills & Qualifications

Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or a related technical field.

Minimum of 7 years’ experience in ethical hacking, red teaming, or offensive security roles.

Proficiency in penetration testing methodologies (OWASP, PTES, NIST SP 800-115) and exploit frameworks.

Strong understanding of network protocols, operating system internals (Windows, Linux), and cloud environments.

Hands-on experience with scripting and automation (Python, Bash, PowerShell) to develop custom tools.

Familiarity with Active Directory attacks, lateral movement, persistence techniques, and privilege escalation.

Certifications preferred: OSCP, OSCE, CRTP, CRTO, GPEN, GXPN, or equivalent.

Strong analytical, documentation, and communication skills with the ability to deliver technical and executive-level reports.

Nice To Have

Experience with purple team engagements, threat emulation planning, and red vs. blue assessments.

Knowledge of threat intelligence integration in red team planning.

Familiarity with Evasion techniques (e.g., bypassing EDR/XDR).

Experience in cloud-specific attacks and misconfiguration exploitation in AWS, Azure, or GCP.

Skills: scripting and automation,documentation,social engineering,active directory attacks,testing,operating system internals,vulnerability identification,red,network protocols,phishing simulations,penetration testing,assessment,red team,adversary simulations,physical security assessments,communication,cloud,aws,exploit development,simulations,red team operations,exploit,security,cloud security