[Remote] Associate Principal Red Team Consultant
Note: The job is a remote job and is open to candidates in USA. UltraViolet Cyber is a leading platform-enabled unified security operations company providing comprehensive security solutions. They are seeking a mid-to-senior Red Team Associate Principal Consultant to lead and execute sophisticated adversary simulations for enterprise clients, requiring deep technical execution and effective communication of risk to stakeholders.ResponsibilitiesLead and participate in full-lifecycle red team engagements: scoping, planning, execution, and reportingSimulate advanced persistent threat (APT) tactics against enterprise network and cloud environmentsExecute multi-stage attack chains spanning network compromise, Active Directory abuse, cloud environments, and data exfiltrationDesign and conduct social engineering campaigns including phishing, vishing, and smishing operationsConduct adversary simulation against hybrid and cloud-native environments (AWS, Azure, GCP)Develop custom tooling, payloads, and tradecraft to evade modern defensive controls (EDR, SIEM, CASB)Produce high-quality, actionable reports tailored to both technical and executive audiencesCollaborate with blue team and MDR teams to deliver purple team assessmentsMentor junior consultants and contribute to internal capability developmentStay current with emerging threat actor TTPs, tooling, and industry researchSkillsUS Citizenship is Required4+ years in offensive security, penetration testing, or red team rolesProven experience leading or independently executing full red team engagements (not just component pentests)Strong command of red teaming methodologies and attack patternsProficiency with common red team toolkits: Cobalt Strike, Metasploit, Sliver, Havoc, or equivalent C2 frameworksAbility to develop and modify offensive tooling (Python, PowerShell, C/C#, or Go)Deep knowledge of Active Directory attack paths: Kerberoasting, AS-REP roasting, ACL abuse, DCSync, delegation attacksExperience with internal network lateral movement, credential access, and persistence mechanismsFamiliarity with common enterprise security controls and bypass techniques (AV/EDR evasion, AMSI bypass, LOLBins)Understanding of network protocols: SMB, LDAP, Kerberos, DNS, RDP, WinRMHands-on experience attacking cloud infrastructure in at least one major provider (AWS, Azure, or GCP)Familiarity with cloud-specific attack pathsExperience with cloud red team toolingExperience designing and executing phishing simulation campaigns (credential harvesting, malware delivery)Familiarity with pretexting, vishing, and physical access scenariosUnderstanding of awareness evasion techniques (email gateway bypass, domain aging, spoofing controls)Strong written and verbal communication β ability to write clear, concise, and technically accurate reportsComfortable presenting findings to C-suite and board-level stakeholdersSelf-directed; able to manage engagement workload with minimal supervisionCollaborative team player with a mentorship mindsetAbility to work within legal and ethical boundaries and maintain client confidentiality at all timesWillingness to travel for on-site engagements as needed (up to :25%)Relevant certifications: OSCP, CRTO, CRTE, PNPT, CRTL, or equivalentCloud security certifications (AWS Security Specialty, AZ-900+, or similar) a plusPrior consulting or professional services experience in a client-facing capacityExperience with TIBER-EU, CBEST, or other regulated red team frameworksPublished research, CVEs, or conference presentations (DEF CON, Black Hat, etc.)Familiarity with threat intelligence and threat actor emulation planningBenefits401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributedMedical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)Group Term Life, Short-Term Disability, Long-Term DisabilityVoluntary Life, Hospital Indemnity, Accident, and/or Critical IllnessParticipation in the Discretionary Time Off (DTO) Program11 Paid Holidays AnnuallyCompany OverviewUltraViolet Cyber is a platform-enabled unified security operations firm that offers a full range of security operations solutions. It was founded in 2023, and is headquartered in Mclean, Virginia, USA, with a workforce of 501-1000 employees. Its website is https://www.uvcyber.com.