Penetration Tester

The Red Team Lead at Acora is responsible for establishing, maturing, and leading our full-spectrum red team capability. This includes the planning and execution of complex adversary simulations, managing red team operators, and working across technical and business teams to strengthen client security postures. You will be the link between deep technical offensive operations and business-level risk strategy, ensuring that findings are communicated clearly, accurately, and in a manner suitable for executive audiences. This role is both strategic and operational, emphasizing leadership, innovation, and the continuous enhancement of Acora’s cyber security services.

• Significant experience conducting red team operations, adversary simulations, or advanced offensive assessments.
• Strong understanding of enterprise operating systems (Windows, Linux), cloud platforms (Azure, AWS), and hybrid environments.
• Proficiency in offensive tooling, payload development, and scripting languages such as PowerShell, Python, or C#.
• Strong ability to articulate technical details clearly and translate them into meaningful business risk.
• Proven leadership or mentoring experience within offensive security teams.

• Lead the design, planning, and execution of realistic adversary emulation campaigns across varied enterprise environments.
• Develop and maintain red team TTPs aligned to real-world threat actor behaviours and the MITRE ATT&CK framework.
• Embed red team outcomes into Acora’s ‘Attack Informs Defence’ philosophy to help clients detect, contain, and mitigate threats.
• Enhance red team tooling, automation capabilities, and operational infrastructure.
• Collaborate with Managed SOC, Incident Response, Consulting, and Threat Intelligence to ensure findings support broader cyber programmes.
• Promote operational excellence, innovation, and safe, ethical testing practices.
• Lead and mentor a growing team of red team operators, offering structured development, coaching, and guidance.
• Support career pathways, training programmes, and competency frameworks for junior and mid-level operators.
• Conduct technical quality assurance reviews, ensuring accuracy, clarity, and operational consistency.
• Assist in hiring, onboarding, and expanding Acora’s offensive security capability.
• Translate complex technical exploit chains and attack paths into concise business language suitable for senior and executive stakeholders.
• Deliver clear, compelling presentations to technical teams, CISOs, and board-level audiences.
• Produce detailed technical documentation, executive summaries, and remediation roadmaps tailored to client needs.
• Work with consulting and strategy teams to ensure red team insights inform broader organisational security improvements.