2 Domain Escalation Jobs

Job Title: Lead Assistant Manager - Offensive Security (IC Role) We are looking for a skilled offensive security professional to take a leading role in executing and enhancing our offensive security operations. This is an individual contributor (IC) position, with Lead reflecting the expectation to drive engagements technically and operationally - not people management. The ideal candidate will have 3-5 years of hands-on experience in red teaming, adversary simulation, or penetration testing, with a solid understanding of attacker tradecraft and the ability to execute advanced offensive assessments. You will be responsible for planning, executing, and reporting on offensive engagements that accurately reflect real-world threats, working closely with internal teams to strengthen detection and response capabilities. Key Responsibilities: Lead offensive security engagements end-to-end - from scoping and planning to execution and reporting. Conduct red team and adversary emulation campaigns across infrastructure, applications, and cloud environments. Identify and exploit security gaps using realistic tactics, techniques, and procedures (TTPs) such as privilege escalation, lateral movement, and domain dominance. Participate in Purple Team exercises to enhance defensive detection and response. Maintain and improve offensive methodologies, tools, and playbooks. Deliver high-quality technical reports and concise executive summaries, clearly outlining attack paths, risks, and recommendations. Keep up to date with evolving attack techniques and integrate them into testing activities. Experience: 3-5 years of experience in red teaming, penetration testing, or other offensive security roles. Proven ability to execute and coordinate complex offensive security operations. Hands-on experience with enterprise environments, including Active Directory and cloud platforms. Technical Skills: Strong understanding of Windows and Linux internals, enterprise AD security, and common cloud attack surfaces. Proficiency in offensive techniques: lateral movement, domain escalation, Kerberoasting, delegation abuse, and token manipulation. Experience with C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic) and post-exploitation tradecraft. Familiarity with tools such as BloodHound, Mimikatz, Rubeus, Responder, SharpHound, and Burp Suite. Working knowledge of the MITRE ATT&CK framework. Scripting skills in PowerShell, Python, or Bash for automation and PoC development. Communication & Reporting: Strong technical documentation skills, translating offensive findings into clear, actionable reports. Ability to explain technical vulnerabilities and attack paths to both technical teams and leadership. Preferred Qualifications: Experience with Purple Team exercises. Familiarity with threat intelligence-led testing methodologies. Exposure to AppSec testing. Relevant certifications (e.g., OSCP, CRTO, CRTP, OSEP) are a plus.

Job Title: Manager - Offensive Security (IC Role / Operational Lead) We're seeking a highly skilled offensive security specialist to lead and drive offensive security operations within our cybersecurity program. While this is an individual contributor (IC) position, the title Manager reflects the role's strategic and operational leadership - not people management. The ideal candidate will have 5-7 years of hands-on experience in red teaming, adversary simulation, or penetration testing, with a strong grasp of attack techniques and the ability to plan, coordinate, and execute advanced offensive assessments. You will be responsible for shaping offensive engagements, guiding technical direction, collaborating with internal teams, and ensuring that offensive operations align with real-world threats and business risk. If you're a technically strong operator who can lead from the front , connect offensive insights to organizational impact, and drive continuous improvement in testing capabilities, this role is for you. Key Responsibilities: Lead offensive security operations end-to-end - from scoping and planning to execution and reporting. Design, coordinate, and execute advanced attack simulations aligned to the MITRE ATT&CK framework. Develop and lead Red Team and adversary emulation campaigns across infrastructure, applications, and cloud environments. Identify and exploit security gaps using real-world TTPs including privilege escalation, lateral movement, and domain dominance. Collaborate closely with defensive teams during Purple Team exercises to enhance detection and response capabilities. Own and improve Red Team methodologies, tools, playbooks, and workflows. Deliver high-quality technical reports and executive-level summaries with clear articulation of attack paths, risks, and mitigations. Stay ahead of the curve on evolving attacker techniques and incorporate them into offensive strategy. Mentor junior red teamers and act as the primary technical escalation point for offensive assessments. Represent offensive operations in internal security reviews and technical steering meetings. Experience: 5-7 years of hands-on experience in Red Teaming, Penetration Testing, or Offensive Security roles. Proven experience in leading complex offensive assessments across enterprise environments. Experience in managing offensive operations, engagement lifecycle, and cross-team coordination. Technical Skills: Deep understanding of Windows and Linux internals, enterprise AD security, and cloud attack surfaces. Proficient in lateral movement techniques, domain escalation, Kerberoasting, delegation abuse, and token manipulation. Comfortable with C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic) and OPSEC-aware post-exploitation. Hands-on experience with tools like BloodHound, Mimikatz, Rubeus, Responder, SharpHound, Burp Suite, etc. Strong familiarity with the MITRE ATT&CK framework and applying it operationally. Scripting experience in PowerShell, Python, or Bash for PoCs, tooling, or automation. Communication & Reporting: Strong technical documentation and reporting skills - ability to translate offensive findings into structured, actionable reports. Ability to confidently present findings, attack paths, and risk narratives to both technical and leadership stakeholders. Skilled in articulating the business impact of technical vulnerabilities and threat scenarios. Preferred Qualifications: Experience leading Purple Team engagements and cross-functional security exercises. Exposure to threat intelligence-led Red Teaming methodologies (e.g., TIBER-EU, CBEST). Familiarity with Application Security (AppSec) testing methodologies. Exposure to AI/ML Red Teaming or adversarial testing of AI models and pipelines. Understanding of EDR/AV evasion, payload delivery, and defense bypass strategies. Experience in building offensive tools or attack automation frameworks. Relevant certifications: OSCP, CRTO, CRTP, OSEP , or equivalent.