TELECOMMUTE Lead Penetration Tester/Red Teamer

REQUEST TECHNOLOGY
Chicago, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
Chicago, United States of America

Tech stack

Testing (Software)
API
Artificial Intelligence
Software System Penetration Testing
Bash
BASIC (Programming Language)
Burp Suite
Cloud Computing
Cloud Computing Security
Control Objectives for Information and Related Technology (COBIT)
Computer Security
IBM DB2
Database Security
Federal Information Processing Standards (FIPS)
White-Box Testing
Information Management
Systems Analysis
Intrusion Detection and Prevention
Mobile Application Software
Python
Microsoft SQL Server
MySQL
Network Configuration and Change Management
NMap
Open Source Intelligence
Powershell
Red Team (Cyber Security)
Wireshark
Web Applications
Scripting (Bash/Python/Go/Ruby)
Large Language Models
Multi-Agent Systems
GWAPT
Kubernetes
Information Technology
Metasploit
IDA Pro
Nessus
Cyber Warfare
Qualys
Service Stack
Vulnerability Analysis

Job description

  • Execute comprehensive Red Team simulations including network/application penetration testing, cloud security, social engineering, physical security, mobile testing, and OSINT within defined rules of engagement.
  • Develop and deploy Command and Control (C2) infrastructure using evasion and obfuscation techniques to test and enhance Cyber Defense detection capabilities.
  • Leverage AI/LLM tooling to accelerate offensive research, exploit development, and overall Red Team effectiveness.
  • Conduct ad-hoc white-box testing on pre-production and in-development infrastructure and validate remediated findings with IT owners.
  • Perform threat modeling, security risk assessments, and independent reviews of security, network, and applications.
  • Develop clear, evidence-based reports with actionable remediation recommendations and debrief stakeholders on findings.
  • Cross-train Red Team members and other Security/IT teams on adversarial threats, attack vectors, and remediation strategies, enhancing the knowledge and skill base of the organization.

Requirements

  • BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required
  • 7+ Years experience of Penetration testing
  • 7+ Years experience in Information Assurance or Cybersecurity work environments
  • Security-related certifications (OSCP, OSWE, OSCE, GPEN, GXPN, GWAPT, ARTE, etc.) highly desired.
  • Broad expertise across Network/Application, Web Application, and Mobile Application Penetration Testing, Command and Control (C2) Infrastructure Development, Cyber Defense Evasion techniques, Social Engineering, OSINT, Basic Emissions Testing, and Physical Security Testing.
  • Strong working knowledge of AI/LLMs and agentic systems (autonomous agents, orchestration frameworks, MCP) and how they can accelerate offensive security tradecraft across reconnaissance, exploit/payload development, tooling, and findings triage.
  • Good applicable knowledge of policy and procedure development, systems analysis, IA policy, vulnerability and risk management, and regulatory standards (e.g., CSF, NIST, PCI, FIPS 199, COBIT 5).
  • Strong knowledge of cryptography (symmetric, asymmetric, hashing), common enterprise infrastructure technology stacks, and network configurations.
  • Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing
  • Demonstrated exploit, payload, and attack framework development experience
  • Strong knowledge of EDR detection capabilities such as Crowdstrike/Carbon Black, etc. and associated defense evasion techniques for behavioral based alerting
  • Strong proficiency in social engineering and intelligence gathering.
  • Strong experience with custom scripting (Python, Powershell, Bash, etc.) and process automation.
  • Strong experience with database security testing (MSSQL, DB2, MySQL, etc.).
  • Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nighthawk, Nmap, Qualys, Nessus, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Ida Pro, Ghidra, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Yersinia, Impacket, etc.).
  • Track record of vulnerability research and CVE assignments
  • Knowledge of Windows APIs and Living off the Land (LOL) Binaries

Apply for this position