Lead the execution of realistic attack simulations that test organizational resilience, guiding a team of Red Team consultants through complex offensive security engagements. You will oversee the full lifecycle of adversary simulations, from planning and staffing to technical execution and final reporting, ensuring operations remain aligned with real-world threat scenarios and defensive detection capabilities.
What You'll Do
- Direct hands-on Red Team operations, including initial access, lateral movement, privilege escalation, and post-exploitation activities across enterprise, cloud, and operational technology environments
- Mentor team members in technical tradecraft, operational security, and professional development, fostering a culture of continuous improvement
- Manage the delivery of assumed breach exercises, purple teaming initiatives, and covert physical intrusion tests
- Design and maintain command and control infrastructure to support long-term simulation campaigns
- Collaborate with Detection Engineering, Threat Intelligence, and Incident Response teams to enhance detection maturity
- Advise clients on realistic attack paths, adversary behaviors, and security posture improvements
- Support pre-sales efforts by scoping engagements, designing solutions, and presenting technical approaches
- Contribute to the evolution of Red Team methodologies, tooling, and service offerings
- Ensure all operations comply with legal, ethical, and operational security standards
Requirements
- Citizenship in one of the 32 NATO member states
- Proven experience in offensive security, with deep expertise in Red Teaming, adversary simulation, or advanced penetration testing
- Track record of leading technical teams or projects in a cybersecurity consulting context
- Strong understanding of attacker tactics across the full intrusion lifecycle
- Hands-on experience with Active Directory, Windows, Linux, cloud platforms, and modern identity systems
- Proficiency in evading detection mechanisms and assessing defensive maturity
- Ability to communicate complex technical findings clearly to both technical and executive audiences
- Structured, quality-focused approach to operations and reporting
- Collaborative mindset with a commitment to team development
- Professional fluency in English and German
Preferred Qualifications
- Experience managing or coaching offensive security professionals
- Background in purple teaming and detection validation exercises
- Familiarity with Red Teaming in Azure, AWS, or Google Cloud environments
- Scripting or development skills in Python, PowerShell, or C#
- Hold certifications such as CRTO, CRTE, OSEP, OSCP, or equivalent
- Contributions to internal research, tooling, or public conference content
- Experience with TIBER or TLPT frameworks
Benefits
- Work alongside recognized experts, including certified SANS instructors
- Access to a 10,000 EUR annual training budget for technical certifications
- Support for achieving advanced credentials such as GSE, GXPN, GREM, GCFA, and OSCP
- Personal coaching for career and well-being development
- Flexible working hours and remote work options, including temporary assignments within the EU
- Hybrid work model with home office flexibility
- 30 days of annual leave with 10 days carry-over into the following year
- Reimbursement for Deutschlandticket and BahnCard 50 (1st class)
- Business bike leasing program
- Company pension plan
- Annual off-site events and regular team-building activities
- Opportunities to present at major cybersecurity conferences
