Allstate is a company that has been protecting families and their belongings for over 90 years. As a Senior Red Team Engineer, you will lead adversary emulation efforts to validate defenses against real-world threats and mentor other team members while developing actionable recommendations for senior leadership.
Responsibilities:
- Lead full-scope red team operations, from scoping to exfil, including stealthy, multi-stage attack simulations across enterprise environments, while staying within rules of engagement
- Design advanced adversary emulation scenarios based on threat intelligence and MITRE ATT&CK techniques
- Operate in complex enterprise stacks and conduct exploitation of systems, networks, Active Directory, and cloud infrastructure, focusing on realistic threat behavior
- Identify gaps in detection, prevention, and response mechanisms, and collaborate with security engineering and detection teams to address them
- Build custom tooling and payloads to evade controls and simulate advanced threat capabilities
- Manage infrastructure necessary to conduct red team operations
- Mentor other red teamers and contribute to internal training, tool development, and process improvement
- Develop detailed reports and present findings to both technical and executive stakeholders, translating risk into actionable recommendations
Requirements:
- 6+ years of hands-on experience in offensive security, with at least 2 years leading or co-leading objective-based red team operations
- Deep understanding of enterprise environments (Windows, Linux, AD, Azure/AWS/GCP), including common misconfigurations and attack paths
- Advanced proficiency with offensive tools and frameworks (e.g., Cobalt Strike, Mythic, BloodHound, SharpHound, Mimikatz, PowerShell Empire) and ability to write or modify tooling for OPSEC and EDR evasion
- Strong ability to develop or customize attack tooling (Python, PowerShell, C#, Bash)
- Understanding of modern security controls (EDR, MFA, network segmentation, logging)
- Expert use of the MITRE ATT&CK framework for planning, execution, and reporting
- Excellent communication skills, including the ability to write clear, concise, and technically deep reports and exec-level narratives that drive decisions and remediation
- Contributions to the security community (research, tools, talks, blogs)
- Relevant certifications (e.g., OSEP, OSCP, CRTO, OSCE, GXPN) are valued but not required
- Education: 4-year Bachelor's degree (preferred, not required)
- Experience: 6 or more years of experience (preferred)