Plan and execute internal red team engagements against the ZTE platform and corporate infrastructure
Conduct regular penetration testing of applications, APIs, cloud infrastructure (AWS GovCloud), and network segments
Develop and maintain adversary emulation capabilities aligned with MITRE ATT&CK for ICS
Document findings with actionable remediation guidance and track to resolution
Coordinate with external penetration testing firms for annual assessments
Lead threat modeling sessions for new features and architectural changes using STRIDE, PASTA, or attack trees
Review and approve security architecture for product changes before implementation
Participate in Change Control Board (CCB) reviews with security sign-off authority
Define security requirements and acceptance criteria for development teams
Maintain threat models for ZTE components including Moving Target Defense, access control, session recording, and password vaulting
Design and implement deception technologies and honeypots within the product and infrastructure
Collaborate with SOC to develop detection rules based on offensive findings
Create purple team exercises bridging red team operations with blue team response
Develop adversary playbooks that inform SOC runbooks
Implement and maintain security controls in CI/CD pipelines (SAST, DAST, SCA, secrets scanning, container scanning)
Define and enforce security gates for code promotion
Review infrastructure-as-code for security misconfigurations
Integrate security testing into GitHub workflows
Establish software supply chain security controls (SBOM generation, dependency verification)
Stand up and operationalize vulnerability management program in coordination with SOC
Define vulnerability severity thresholds, SLAs, and escalation procedures
Triage and prioritize vulnerabilities based on exploitability and business context
Track remediation progress and report metrics to leadership
Partner with SOC team on playbook development for incident response
Provide offensive perspective on detection gaps and coverage
Support SOC maturation through training, tabletop exercises, and purple team activities
Contribute to SIEM rule development and tuning (Google SecOps)

Requirements

8-12 years of experience in cybersecurity with 5+ years in offensive security, application security, or security architecture
Demonstrated experience conducting penetration testing and red team operations
Strong knowledge of cloud security (AWS required; Azure/GCP beneficial)
Experience with CI/CD security tooling and DevSecOps practices
Hands-on experience with threat modeling methodologies
Proficiency in at least one scripting/programming language (Python, Go, Bash)
Understanding of OT/ICS security concepts and protocols
Experience with vulnerability management tools and processes
Excellent written and verbal communication skills

Benefits

Competitive salary and performance bonus
Comprehensive health, dental, and vision insurance
401(k) with company match
Opportunity for incentive units grant
Generous paid time off and holidays
Flexible work environment with opportunities for remote work

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

penetration testingred team operationscloud securitythreat modelingvulnerability managementCI/CD security toolingDevSecOpsscriptingPythonGo

Soft skills

communicationleadership