Red Team Engineer, UK Security Operations, Wiltshire in London

Must be a British citizen to meet compliance and security clearance requirements. Office location will be a satellite site in Wiltshire, with occasional travel to London. This is an on-site position, requiring a standard five day per week schedule in the office.

Minimum qualifications:

• Bachelor's degree in Computer Science, Information Security, a related field, or equivalent practical experience.
• 5 years of experience in security engineering, offensive security (Red Team/Purple Team), or platform engineering roles.
• Experience with infrastructure-as-code and GitOps (e.g., Terraform, Helm, ArgoCD) and cloud-native security orchestration.
• Experience with Kubernetes security (e.g., workload isolation, RBAC, network policies) and container orchestration.
• Experience in scripting and development languages (e.g., Python, Go) for building custom security tooling, automation, and exploit Proof-of-Concept (PoCs).
• Active, or the ability to obtain, a Developed Vetting (DV) UK security clearance.

Preferred qualifications:

• Advanced offensive security certifications (e.g., OSCP, OSEP, OSCE, GXPN).
• Experience in conducting full-scope Red Team engagements and Purple Team exercises in cloud-native environments.
• Experience developing custom exploits, adversary emulation scenarios, or security automation frameworks for internal testing.
• Knowledge of cloud-native logging, monitoring, and Security Information and Event Management (SIEM) integration for detecting sophisticated adversary tactics.
• Understanding of Kubernetes attack surfaces, including container escapes, privilege escalation, and lateral movement techniques.
• Current and active UK Developed Vetting (DV) Security Clearance.

About the job:

As a part of the UK Security Operations (SecOps) team in Google Public Sector, you will deliver, operate and secure private cloud services. Your aim is to provide the flexibility, reliability, and scalability of public cloud for customers with exceptionally high security requirements that can only be met in a private cloud environment. You will deliver and operate these private cloud deployments for the most critical customers, helping scale, secure and maintain the deployment whilst working closely with Google product teams to continually improve our technology.

As a Red Team Engineer, you will play a critical role in designing, building, and managing cloud-native security platforms with a strong emphasis on Kubernetes-based environments. You will be at the intersection of security and engineering—developing scalable tooling and automating security controls to enable Red Team activities, Purple Team exercises, and comprehensive attack path reviews. You will build and maintain the platforms necessary for developing and deploying proof-of-concept (PoC) exploits and validations, ensuring detection and response capabilities across cloud infrastructure. In this engineering-centric role, you will require deep technical expertise in cloud environments, Kubernetes security, and platform automation. You will work closely with Incident Response, Platform Engineering and Security Architects to ensure that security validation and defensive hardening are seamlessly integrated into infrastructure and operational workflows. Your role will require participation in a rotating on-call schedule outside of core business hours and over the weekend to ensure security incidents and critical operations can be supported.

Responsibilities:

• Design, develop, and maintain the automation platforms and tooling required to execute Red Team operations, Purple Team exercises, and comprehensive attack path reviews.
• Create and deploy Proof-of-Concept (PoC) exploits and validations to proactively test and harden cloud infrastructure security.
• Collaborate with security engineering and platform teams to build scalable security validation frameworks that integrate seamlessly into CI/CD pipelines.
• Analyse complex cloud and Kubernetes architectures to identify and document potential attack vectors, mapping them against threat models to prioritise security improvements.
• Support defensive hardening efforts by providing actionable insights and telemetry from security validation exercises, ensuring continuous improvement of detection and response capabilities.