Internal Red Team Consultant

Internal Red Team Consultant

Full-Time 60000 - 80000 £ / year (est.) No working from home possible
V

At a Glance

  • Tasks: Lead red team simulations and assess enterprise security across digital, physical, and social domains.
  • Company: Join a global leader in digital services known for innovation and sustainability.
  • Benefits: Enjoy flexible working, competitive rewards, and opportunities for personal growth.
  • Other info: Be part of a diverse team that values collaboration and continuous improvement.
  • Why this job: Make a real impact in cybersecurity while developing your skills in a supportive environment.
  • Qualifications: Experience in offensive security roles and strong technical skills in red teaming.

The predicted salary is between 60000 - 80000 £ per year.

A global leader in digital services, recognised for innovation, sustainability and a people-first culture. At Ricoh, we believe people do their best work when they feel valued and supported. We create inclusive workplaces where you can grow, contribute, and make a positive impact while helping to build a more sustainable future.

Our purpose is centred on understanding and improving how people work. By focusing on real working experiences, we support individuals to develop their skills, realise their potential and do work that feels meaningful.

We’re hiring an Internal Red Team Consultant in London to design and lead high-fidelity adversary simulations, validate our detection and response maturity, and provide actionable insights that materially reduce risk. This role operates at the intersection of threat intelligence, offensive security, and enterprise risk. Partnering closely with senior stakeholders across Europe and shaping how Ricoh anticipates, detects, and responds to advanced threats.

What you will be doing

  • Plan and execute realistic, risk-aligned red team engagements across digital, physical, and social domains.
  • Emulate sophisticated threat actors, assess resilience across cloud and on-prem environments, and translate technical findings into clear business risk and remediation priorities.
  • Provide virtual, cross-functional leadership, coordination of internal and external operators, mentoring practitioners, and integrating outcomes with blue teams, SOC, and incident response.
  • Deliver second-line assurance that is rigorous, safe, and business-relevant.

Key Responsibilities Include:

  • Plan and lead red team campaigns that assess enterprise detection and response, aligned to current threat intelligence and business risk.
  • Develop and execute adversary playbooks mapped to frameworks such as MITRE ATT&CK, including digital, physical, and social engineering vectors.
  • Coordinate internal and external resources to run covert, goal-oriented engagements across cloud, on-prem, and hybrid environments.
  • Conduct controlled exploitation (web, infrastructure, identity, cloud) and demonstrate attack chains, lateral movement, persistence, and exfiltration.
  • Partner with blue teams and SOC on purple-team exercises, tuning detections, improving SIEM/SOAR use cases, and reducing dwell time and MTTR.
  • Produce clear, actionable reporting for technical and executive audiences—prioritising business impact, risk, and pragmatic remediation.
  • Maintain strict OPSEC and governance, ensuring legal/ethical compliance, ROE adherence, data handling discipline, and auditability.
  • Evolve tools, techniques, and procedures (TTPs), maintain adversary emulation kits, and stay current with APT tradecraft and emerging threats.
  • Define KPIs and dashboards to track detection coverage, campaign outcomes, control efficacy, and remediation progress.
  • Act as subject matter expert in the CIRT, supporting incident readiness, simulations, and executive briefings.
  • Provide virtual leadership and mentorship, fostering a high-performing, psychologically safe culture of continuous improvement.

You will ideally have

  • Deep hands-on experience in red team operations and adversary simulation across Windows, Linux, macOS, and cloud (AWS, Azure, GCP).
  • Proficiency with red team frameworks and C2 platforms (e.g., Cobalt Strike, Mythic, Sliver) and custom payload/tooling development.
  • Strong scripting skills (Python, PowerShell, Bash) and experience automating tradecraft and infrastructure.
  • Mastery of OPSEC, detection evasion, OSINT, network discovery, and physical/social engineering techniques.
  • Fluency with security testing frameworks and models (MITRE ATT&CK, NIST, Cyber Kill Chain) and mapping findings to detections and controls.
  • Ability to translate technical attack paths into business risk, articulating financial, operational, and regulatory impact.
  • Familiarity with ISO 27001, NIST, GDPR and sector-specific compliance (e.g., PCI DSS, HIPAA, NERC CIP).
  • Proven experience leading virtual, cross-functional teams and influencing without direct authority.
  • Clear, concise communicator—capable of executive-level briefings and collaborative debriefs with technical teams.
  • Calm under pressure, balanced judgement in live engagements, and a continuous-improvement mindset.

Qualifications and experience

  • Bachelor’s degree in Cyber Security, Computer Science, Information Security, Network Engineering, Digital Forensics, or related field.
  • Offensive security certifications—OSCP (minimum), plus one or more of: CRTO, CREST CRT/CCT, GIAC GPEN/GXPN/Red Team Professional; CEH optional.
  • Proven career history in cyber security, including 3–5 years in offensive roles (red team, penetration testing, ethical hacking) and experience leading virtual teams or red team delivery in enterprise environments.
  • Experience collaborating with blue teams/SOCs and running purple-team exercises; familiarity with SIEM, EDR, and SOAR.

In return for your commitment, you can expect

  • You become part of a global community built on openness, inclusion and genuine collaboration.
  • Your development truly matters to us. With access to learning pathways, mentoring and career opportunities across functions and countries, you'll be supported to stretch your skills, explore new directions and stay future-ready in a changing world.
  • You'll have opportunities to make a difference through volunteering, sustainability initiatives and community programmes that reflect our shared values and commitment to positive impact.
  • You'll benefit from fair rewards, flexible working, wellbeing resources and real recognition.

We are an equal opportunities employer. We believe that diverse perspectives make us stronger, and we welcome applications from people of all backgrounds, identities, and experiences. Our hiring decisions are based on skills, experience and potential, and we are committed to creating a fair and inclusive recruitment process.

Ready to love what you do? Apply now and help us shape what comes next.

Internal Red Team Consultant employer: Vastbouw

Ricoh is an exceptional employer that prioritises a people-first culture, fostering an inclusive environment where employees can thrive and make a meaningful impact. With a strong commitment to professional development, sustainability, and community engagement, Ricoh offers unique opportunities for growth and collaboration, particularly in the vibrant city of London. Join us as an Internal Red Team Consultant and be part of a global team that values your contributions and supports your journey towards success.

V

Contact Details:

Vastbouw Recruitment Team

We think you need these skills to ace Internal Red Team Consultant

Red Team Operations
Adversary Simulation
Threat Intelligence
Cloud Security (AWS, Azure, GCP)
Scripting (Python, PowerShell, Bash)
C2 Platforms (Cobalt Strike, Mythic, Sliver)
MITRE ATT&CK Framework