Senior Red Team Operator

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

Job Description:

The primary objectives for the Information Security team are to protect confidential and sensitive information and to maintain operational stability resulting from cyber-attacks. Offensive Security (Red Team) members contribute to these objectives by performing assessments that proactively identify security exposures within the Sun Life environment that go beyond traditional penetration testing. A successful senior red team operator, specializing in offensive security, must possess a diverse set of competencies to effectively simulate cyberattacks and identify vulnerabilities within an organization's systems. Key skills include understanding attack vectors, proficiency in penetration testing, analytical and communication skills, and adaptability to evolving threats.

What you will do?

• Plan, execute, and report on Red Team assessments, attack simulations, and adversary emulation exercises to identify vulnerabilities.
• Perform network, web, and mobile application testing, source code reviews, threat analysis, and social engineering assessments.
• Develop scripts, tools, and programs for Red Team operations.
• Manage and improve a cloud-based C2 environment across AWS, Azure, GCP, and Digital Ocean.
• Develop security evasion and bypass techniques.
• Collaborate with other teams for testing detection capabilities via Purple and Red Team exercises.
• Research threats and adhere to Red Team frameworks.
• Create weekly/monthly vulnerability trend reports.

What you will need to succeed?

• 5-7 years’ experience in offensive security or penetration testing.
• Degree in computer science, engineering, or security.
• Experience mentoring junior operators.
• Proven track record in delivering red team reports and briefings.
• Knowledge of security concepts, trends, and practices.
• Problem-solving skills and high technical proficiency.
• Certifications such as OSCP, SANS, CEH, CISSP, CPTS are advantageous.
• Understanding of operating systems, network protocols, and application configurations.
• Strong communication and presentation skills.

Preferred qualifications:

• Experience leading grey/black hat engagements.
• Penetration testing experience in networks, applications, or mobile platforms.
• Reverse engineering skills, including x86 architecture.
• Experience with offensive security tools like Cobalt Strike, EDR Evasion, malware techniques, and pipeline development.
• Proficiency in Active Directory exploitation (On-Prem and Cloud).
• Experience with OSINT, social engineering, and cloud environments (AWS, Azure, Digital Ocean).
• Programming in interpreted (Python, Ruby, PHP) and compiled languages (Java, C, C++, Assembly).

The salary range is from $84,000 to $138,000, depending on location and experience. Sun Life offers various incentive plans based on performance. We value diversity and inclusion and encourage applicants from all backgrounds. Accommodations are available for applicants with disabilities. We support flexible work arrangements. Only shortlisted candidates will be contacted.