At a Glance
- Tasks: Join our Red Team to simulate real-world cyber threats and enhance security.
- Company: AtCoreTech, a leader in world-class security research.
- Benefits: 25 days holiday, private medical, training opportunities, and a bonus scheme.
- Other info: British citizens only; extensive background checks for security clearance.
- Why this job: Make a real impact in cybersecurity while developing your skills in a supportive environment.
- Qualifications: Experience in red team operations and strong networking knowledge required.
The predicted salary is between 60000 - 80000 £ per year.
AtCoreTech has a rich pedigree of conducting world-class security research across a multitude of platforms. We are hiring Red Team Operators at all levels of seniority to help grow and deliver a new service. You will be part of a long-term offensive security capability with backing, a clear mandate, and a roadmap for growth. Our Red Team will operate with a realistic adversary mindset, focusing on end-to-end attack simulation, stealth, and meaningful outcomes rather than checklist-driven testing.
As part of this team you will:
- Plan and execute full-scope red team operations, simulating real-world threat actors as well as honing your own tradecraft.
- Conduct red team engagements across:
- Network infrastructure, cloud, and Active Directory environments
- Web applications and APIs
- Social engineering and phishing campaigns
- Configure and use C2 frameworks for command and control.
- Use network and endpoint detection (EDR) evasion techniques.
- Perform post-exploitation activities including privilege escalation, lateral movement, persistence, and exfiltration.
- Develop and modify custom tooling, payloads, and infrastructure.
- Produce high-quality reports that tell the story of the attack and drive remediation.
Required experience:
- Commercial experience of working on full-scope engagements in a similar role as a Red Team Operator, including being able to lead engagements.
- Good understanding of networking, network technologies, DNS, routing, firewalls, IDS, IPS and common VPN solutions.
- Experience with regulatory-driven engagements such as CBEST, TIBER, or GBEST.
- Linux server configuration experience.
- Experience using Infrastructure-as-Code to deploy infrastructure.
- Experience building and configuring an Active Directory environment (as a lab for example).
- Understanding of the common detection tools and services available to customers.
- Experience recommending relevant mitigations and detection techniques to customers.
- Ability to explain why an attack technique worked and how a customer can mitigate against it in future.
- Good knowledge of existing tools and techniques and how to customise them.
- Ability to customise existing code and write scripts without support.
Please note, due to the sensitivity of the role, successful applicants must be British Citizens with at least 5 years residency and willing to undergo extensive background checks to obtain a security clearance. Ideally, you will already hold an active Developed Vetting security clearance.
Desirable experience:
- A relevant certification such as those offered by Offensive Security (OSEP, OSEE, OSWE), CREST (CCRTS, CCSAS, CCT), Cyber Scheme (CSTL, Red Team Manager) and SANS.
Work Benefits:
- Promotions are based on technical excellence and reviewed regularly.
- 25 days holiday per year (with bank holidays on top), option to buy up to 5 days per year.
- Level up with an extra day of holiday per year, up to an extra 5 days, starting from 2 years’ service.
- We offer financial support to cover HMRC allowable costs of relocating if you’re moving to the area.
- Training and development opportunities to support your career aspirations.
- O’Reilly books subscription which provides access to a huge range of technical books.
- Regular events including internal technical conferences, company socials and pizza-fuelled lunchtime seminars.
- Free seasonal fruit, tea, coffee, milk, squash and hot chocolate.
Health Benefits:
- Private medical including access to private online GP, and a helpline to speak with various healthcare professionals.
- Physiotherapists, osteopaths or chiropractors for muscle, bone, and joint pain.
- Mental health - counselling, and specialist consultations and treatment with psychologists and cognitive behavioural therapists.
- Annual Health assessment.
Financial Benefits:
- A company bonus scheme so that everybody is rewarded for company success. This is an annual award that is based on the company hitting its targeted forecast. We have achieved this every year to date.
- 8% company contribution to pension with no minimum requirement for employee contribution.
- Death in Service cover of 4× base salary.
Lifestyle Benefits:
- Enhanced maternity/paternity/adoption leave: 12 weeks maternity leave at full pay as soon as you join, further enhanced to 20 weeks full pay from 2 years’ service.
- 2 weeks paternity leave at full pay as soon as you join, further enhanced to 4 weeks full pay from 2 years’ service.
- Enhanced cycle-to-work scheme including the ability to purchase a bike over £1,000 (e-bikes, specialist cycles and trikes allowed).
Red Team Operator in Cheltenham employer: 慨正橡扯
AtCoreTech is an exceptional employer for Red Team Operators, offering a dynamic work culture that prioritises technical excellence and employee growth. With a commitment to professional development through training opportunities, regular internal events, and a supportive environment, employees can thrive while contributing to cutting-edge security research. Located in a vibrant area, the company also provides generous benefits including a robust health plan, flexible holiday options, and a rewarding bonus scheme, making it an attractive choice for those seeking meaningful and impactful careers in cybersecurity.
StudySmarter Expert Advice🤫
We think this is how you could land Red Team Operator in Cheltenham
✨Tip Number 1
Network like a pro! Attend industry events, meetups, and conferences related to cybersecurity. It's all about making connections and getting your name out there. Plus, you never know who might have the inside scoop on job openings!
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your red team operations, tools you've developed, and any successful engagements. This will give potential employers a taste of what you can bring to the table. Don't forget to share it on platforms like GitHub!
✨Tip Number 3
Prepare for interviews by simulating real-world scenarios. Practice explaining your thought process during red team engagements and how you tackle challenges. This will help you stand out and demonstrate your expertise in a practical way.
✨Tip Number 4
Apply through our website! We’re always on the lookout for talented Red Team Operators. By applying directly, you’ll ensure your application gets the attention it deserves. Plus, it shows you're genuinely interested in joining our team!
We think you need these skills to ace Red Team Operator in Cheltenham
Some tips for your application 🫡
Tailor Your Application:Make sure to customise your CV and cover letter for the Red Team Operator role. Highlight your relevant experience and skills that match the job description, especially your hands-on experience with full-scope engagements and offensive security.
Show Off Your Skills:Don’t just list your qualifications; demonstrate your expertise! Include specific examples of past projects or challenges you've tackled, particularly in areas like network infrastructure and social engineering. We love seeing how you think and operate!
Be Clear and Concise:When writing your application, keep it straightforward and to the point. Use clear language to explain your experiences and avoid jargon unless it's relevant. We appreciate a well-structured application that tells a compelling story.
Apply Through Our Website:We encourage you to submit your application directly through our website. It’s the best way to ensure your application gets into the right hands and shows us you're serious about joining our team at AtCoreTech!
How to prepare for a job interview at 慨正橡扯
✨Know Your Stuff
Make sure you brush up on your technical knowledge, especially around networking, cloud environments, and Active Directory. Be ready to discuss your experience with full-scope red team engagements and how you've led them in the past.
✨Showcase Your Tradecraft
Prepare to demonstrate your understanding of real-world attack simulations. Think about specific examples where you've used C2 frameworks or evasion techniques, and be ready to explain the outcomes and what you learned from them.
✨Communicate Clearly
Practice explaining complex concepts in a straightforward way. You might need to describe why certain attack techniques work and how to mitigate against them, so clarity is key. Use examples from your past experiences to illustrate your points.
✨Bring Your Own Tools
If you have custom tools or scripts that you've developed, consider bringing them up during the interview. This shows initiative and gives you a chance to discuss your coding skills and how you can contribute to the team’s success.
