Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead red team operations, simulating real-world cyber threats for large enterprises.
- Company: JUMPSEC is a forward-thinking cybersecurity firm focused on tailored solutions for evolving threats.
- Benefits: Enjoy remote work, 25 days leave, flexible hours, and a supportive culture.
- Why this job: Join a diverse team tackling complex challenges in a high-autonomy environment.
- Qualifications: Experience in red team engagements, scripting skills, and knowledge of cloud infrastructure required.
- Other info: Contribute to public research and enjoy an annual training budget.
The predicted salary is between 46800 - 78000 £ per year.
Location: UK (Remote-first with occasional in-person meetups)
At JUMPSEC, we believe our clients should not be constrained by what has gone before. We want to help them to find novel and forward-thinking ways of meeting their cyber security needs in the face of continuously evolving and growing cyber threats. To do this, we work hard to understand our clients and the challenges they face to create tailored solutions and avoid generic, off-the-shelf products and services.
The Role
We’re looking for an experienced Red Team Operator to join our adversary simulation team, delivering high-impact operations against some of the most complex enterprise environments in the UK and beyond. This isn’t a typical penetration testing role. You’ll be leading tailored campaigns that emulate real-world threat actors — from phishing initial access through to cloud-native post-exploitation and domain-level compromise in hybrid estates. We focus on intelligence-led engagements, simulating TTPs derived from current threat actors, helping our clients uncover blind spots and prepare for the attacks that actually matter. We value curiosity, creativity, and diverse experience — some of our team came from medicine, others from blue team, IT, or non-technical backgrounds. If you’re an experienced operator looking to work on challenging problems alongside a strong and supportive team, we’d love to hear from you.
What you will be doing:
- Planning and executing full-spectrum red team operations against large-scale organisations.
- Designing and delivering targeted phishing and social engineering campaigns with behavioural realism.
- Performing advanced Active Directory enumeration and abuse, including trust path abuse, delegation exploitation, and credential material extraction.
- Simulating adversary behaviour based on threat intelligence and frameworks (MITRE ATT&CK, TIBER, etc.).
- Identifying and exploiting weaknesses in cloud environments (Microsoft 365, Azure AD, AWS, GCP, Okta).
- Bypassing modern detection controls (EDR/XDR, MFA etc) with solid operational security.
- Developing custom tooling for payload delivery, evasion, and C2 communications.
- Collaborating with defensive teams during purple team exercises to enhance detection and response.
What we are looking for?
- Demonstrable experience delivering red or purple team engagements in large enterprise or regulated environments.
- Strong understanding of both Windows and cloud infrastructure attack surfaces.
- Fluency in one or more scripting languages (PowerShell, Python, Bash) for tooling and automation.
- Proficient with modern red team infrastructure and frameworks (e.g. Cobalt Strike, Mythic, Sliver, custom C2).
- Solid grasp of Active Directory and Azure AD internals, and related abuse paths.
- Familiarity with common social engineering tactics and phishing techniques, from initial contact to payload execution.
- Ability to think like an attacker, document like a consultant, and communicate like a trusted advisor.
Nice to have:
- Experience crafting custom payloads or tooling for evasion and post-exploitation.
- Knowledge of TTP simulation frameworks.
- Contributions to open-source security tools or published research/blogs.
- Understanding of adversary emulation in regulatory contexts (TIBER-EU, CBEST, GBEST, etc.)
- Certifications like OSCP, OSCE, CRTO, or equivalent hands-on experience (we care more about skill than certs).
A competitive salary up to £65K depending upon experience
25 days annual leave, including your birthday off work
4 paid days for charity or community work
Flexible hybrid working
24/7 access to our Employee Assistance Plan (EAP)
Earn up to £2000 in our recruitment referral scheme
Company pension
Company Culture:
- Supportive and inclusive company culture that values diversity and encourages new ideas and perspectives
- High-autonomy environment with supportive, skilled peers.
- Annual training & research budget — use it for conferences, courses, or tooling.
- Access to red team labs, testing infrastructure, CTI, and sandbox environments.
- Opportunities to contribute to public research, tools, and community initiatives.
- Flexible work, sensible management, and zero micromanagement.
How to apply
If you are interested in applying for this role, please provide a short cover letter outlining your experience and why you would be a good fit for JUMPSEC to careers@jumpsec.com. Please reference JSRedTeamer25 in the subject line. For more information on who we are and what we do, please visit www.jumpsec.com.
At JUMPSEC, we believe that great people drive our success, and we embrace diversity and inclusion as integral parts of our company culture. We welcome individuals from all backgrounds, ethnicities, cultures, and genders. Diverse perspectives and ideas contribute to the uniqueness of our brand and enable the creative problem-solving that our clients value. Join us on our mission to create a safer digital world!
Red Team Consultant (Senior) employer: Jumpsec Limited
Contact Detail:
Jumpsec Limited Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Red Team Consultant (Senior)
✨Tip Number 1
Familiarise yourself with the latest threat intelligence and frameworks like MITRE ATT&CK. Understanding these will not only help you in interviews but also demonstrate your proactive approach to staying updated in the ever-evolving cyber security landscape.
✨Tip Number 2
Engage with the cyber security community by attending relevant conferences or webinars. Networking with professionals in the field can provide insights into current trends and may even lead to referrals for positions like the one at JUMPSEC.
✨Tip Number 3
Showcase your hands-on experience with red team tools and scripting languages. If you have developed custom payloads or contributed to open-source projects, be ready to discuss these in detail during any conversations with us.
✨Tip Number 4
Prepare to discuss real-world scenarios where you've successfully identified and exploited vulnerabilities. Being able to articulate your thought process and the impact of your actions will set you apart as a candidate who thinks like an attacker.
We think you need these skills to ace Red Team Consultant (Senior)
Some tips for your application 🫡
Tailor Your Cover Letter: Craft a cover letter that specifically addresses the skills and experiences mentioned in the job description. Highlight your experience with red team operations, cloud environments, and any relevant scripting languages to show you’re a perfect fit for JUMPSEC.
Showcase Relevant Experience: In your CV, emphasise your demonstrable experience in delivering red or purple team engagements. Include specific examples of past projects where you planned and executed operations against large-scale organisations.
Highlight Technical Skills: Make sure to list your proficiency with modern red team infrastructure and frameworks, such as Cobalt Strike or Mythic. Mention any custom tooling you’ve developed and your understanding of Active Directory and Azure AD internals.
Express Your Curiosity and Creativity: JUMPSEC values curiosity and creativity, so don’t hesitate to mention any unique approaches you’ve taken in past roles. Discuss how you think like an attacker and document like a consultant, showcasing your ability to communicate effectively.
How to prepare for a job interview at Jumpsec Limited
✨Showcase Your Technical Skills
Be prepared to discuss your experience with red team operations and the specific tools you've used, such as Cobalt Strike or custom C2 frameworks. Highlight any scripting languages you are fluent in, like PowerShell or Python, and be ready to demonstrate your understanding of cloud environments and Active Directory.
✨Demonstrate Problem-Solving Abilities
During the interview, focus on how you've tackled complex security challenges in the past. Share specific examples of campaigns you've led or participated in, detailing your thought process and the outcomes. This will show your ability to think like an attacker and approach problems creatively.
✨Understand the Company Culture
Familiarise yourself with JUMPSEC's values and culture before the interview. They value diversity, creativity, and a supportive environment. Be ready to discuss how your background and experiences align with their mission to create a safer digital world.
✨Prepare Questions for the Interviewers
Have a list of insightful questions ready to ask your interviewers. This could include inquiries about their current projects, team dynamics, or how they approach threat intelligence. Asking thoughtful questions demonstrates your genuine interest in the role and the company.
