Associate Principal Red Team Consultant

About UltraViolet Cyber

UltraViolet Cyber is a premier platform-enabled unified security operations company. Founded by seasoned security practitioners, they leverage a security-as-code platform, combining technological innovation with deep human expertise. Their mission is to make advanced, real-time cybersecurity accessible to all organizations by eliminating the risks associated with separate red and blue teams. They provide continuously optimized identification, detection, and resilience against dynamic threat landscapes through managed and custom-tailored unified security operations solutions for Fortune 500, Federal Government, and Commercial clients. Headquartered in McLean, Virginia, they have global offices in the U.S. and India.

What You’ll Do

• Lead and participate in full-lifecycle red team engagements: scoping, planning, execution, and reporting.
• Simulate advanced persistent threat (APT) tactics against enterprise network and cloud environments.
• Execute multi-stage attack chains involving network compromise, Active Directory abuse, cloud environments, and data exfiltration.
• Design and conduct social engineering campaigns, including phishing, vishing, and smishing operations.
• Perform adversary simulation against hybrid and cloud-native environments (AWS, Azure, GCP).
• Develop custom tooling, payloads, and tradecraft to evade modern defensive controls (EDR, SIEM, CASB).
• Produce high-quality, actionable reports tailored for both technical and executive audiences.
• Collaborate with blue team and MDR teams to deliver purple team assessments.
• Mentor junior consultants and contribute to internal capability development.
• Stay current with emerging threat actor TTPs, tooling, and industry research.

What You Have

Core Offensive Security:

• 4+ years in offensive security, penetration testing, or red team roles.
• Proven experience leading or independently executing full red team engagements.
• Strong command of red teaming methodologies and attack patterns.
• Proficiency with common red team toolkits: Cobalt Strike, Metasploit, Sliver, Havoc, or equivalent C2 frameworks.
• Ability to develop and modify offensive tooling (Python, PowerShell, C/C#, or Go).

Network & Infrastructure:

• Deep knowledge of Active Directory attack paths (Kerberoasting, AS-REP roasting, ACL abuse, DCSync, delegation attacks).
• Experience with internal network lateral movement, credential access, and persistence mechanisms.
• Familiarity with common enterprise security controls and bypass techniques (AV/EDR evasion, AMSI bypass, LOLBins).
• Understanding of network protocols: SMB, LDAP, Kerberos, DNS, RDP, WinRM.

Cloud Environments:

• Hands-on experience attacking cloud infrastructure in at least one major provider (AWS, Azure, or GCP).
• Familiarity with cloud-specific attack paths.
• Experience with cloud red team tooling.

Social Engineering:

• Experience designing and executing phishing simulation campaigns (credential harvesting, malware delivery).
• Familiarity with pretexting, vishing, and physical access scenarios.
• Understanding of awareness evasion techniques (email gateway bypass, domain aging, spoofing controls).

US Citizenship is Required.

Preferred Qualifications

• Relevant certifications: OSCP, CRTO, CRTE, PNPT, CRTL, or equivalent.
• Cloud security certifications (AWS Security Specialty, AZ-900+, or similar) are a plus.
• Prior consulting or professional services experience in a client-facing capacity.
• Experience with TIBER-EU, CBEST, or other regulated red team frameworks.
• Published research, CVEs, or conference presentations (DEF CON, Black Hat, etc.).
• Familiarity with threat intelligence and threat actor emulation planning.

Soft Skills & Professional Requirements

• Strong written and verbal communication skills; ability to write clear, concise, and technically accurate reports.
• Comfortable presenting findings to C-suite and board-level stakeholders.
• Self-directed and able to manage engagement workload with minimal supervision.
• Collaborative team player with a mentorship mindset.
• Ability to work within legal and ethical boundaries and maintain client confidentiality.
• Willingness to travel for on-site engagements as needed (up to ~25%).

Compensation

$165,000 - $195,000 per year

Benefits

• 401(k) with employer match (100% of the first 3% contributed and 50% of the next 2% contributed).
• Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment).
• Group Term Life, Short-Term Disability, Long-Term Disability.
• Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness.
• Participation in the Discretionary Time Off (DTO) Program.
• 11 Paid Holidays Annually.

Diversity & Inclusion

UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.

Note on AI Usage

UltraViolet Cyber may use AI tools to support parts of the hiring process, such as reviewing applications and analyzing resumes. These tools assist the recruitment team but do not replace human judgment. Final hiring decisions are made by humans. If you would like more information about data processing, please contact the company.