NuHarbor Security · 5 days ago
Red Team Operator III
Colchester, Vermont
Full-time
Hybrid
Senior Level, Lead/Staff
$124K/yr - $152K/yr
8+ years expNuHarbor Security is dedicated to enhancing the cybersecurity of its clients through a comprehensive suite of security services. The Red Team Operator III will conduct advanced offensive security engagements to identify risks and vulnerabilities, utilizing established tools and techniques to improve client security posture.
ConsultingCyber SecurityEnterpriseNetwork SecuritySecurity
No H1B
U.S. Citizen Only
Responsibilities
Live the NuHarbor Ways: Help Clients Win, Always Improve, Protect the House
Execute Offensive Engagements: Plan and perform complex red team and adversary emulation exercises aligned to real-world threat actor TTPs (e.g., MITRE ATT&CK), including initial access, privilege escalation, lateral movement, persistence, and data exfiltration
Develop Threat-Informed Attack Paths: Use threat intelligence to design realistic attack scenarios across enterprise, cloud, and hybrid environments
Apply Offensive Techniques: Utilize industry-standard tools and frameworks (e.g., Cobalt Strike, Mythic, CALDERA) to conduct engagements with strict adherence to OPSEC and Rules of Engagement
Document and Communicate Findings: Produce clear, comprehensive technical reports and executive summaries that outline vulnerabilities, business impact, and remediation guidance
Collaborate with Defensive Teams: Work with blue teams to validate detection coverage and provide feedback on improving detection and response capabilities
Continuous Learning: Stay current with emerging attack vectors, vulnerabilities, and red team methodologies to evolve tradecraft and engagement quality
Qualification
Required
Bachelor's Degree and eight (8+) years of experience in offensive cybersecurity (red teaming, penetration testing, or threat emulation)
In lieu of a degree: four (4) years of experience in a related technology field and relevant industry certifications (OSCP, OSWE, GPEN, GXPN, CRTO, etc.)
Adversary Emulation Tools: Hands-on experience with frameworks such as Cobalt Strike, Mythic, CALDERA, or equivalent
Operating Systems & Identity: Strong understanding of attack surfaces across Windows, Linux, macOS, Active Directory, and Azure AD
Cloud Environments: Experience performing offensive testing in AWS, Azure, or GCP environments
Scripting & Automation: Ability to script in Python, PowerShell, or Bash for automation and tradecraft development
Networking & Security Fundamentals: Solid knowledge of TCP/IP, network protocols, and common security concepts
Reporting: Ability to produce clear technical documentation and executive summaries
Citizenship: Must be a U.S. citizen
Preferred
Certifications: OSWE, OSCP, CISSP, GPEN, GXPN; plus GRTP, OSEP, OSCE, CRTO, CRTE or equivalent experience
Familiarity with C2 infrastructure design and operational security practices
Understanding of secure coding principles and modern infrastructure design
Knowledge of incident response processes and defensive detection engineering principles
Experience executing attack paths in AWS, Azure, GCP and hybrid environments; understanding cloud security controls and misconfigurations
Strong written and verbal communication skills
Benefits
Company bonus plan at a 10% target
Paid time to give back in your community
Generous PTO
Company
NuHarbor Security
NuHarbor Security is an end-to-end cybersecurity services company with a focus on best of breed security technologies.
51-200 employees
Funding
Current Stage
Growth StageLeadership Team
Rupal Patel
Chief Financial Officer
Recent News
vermontbiz.com
2025-10-19
2025-07-18
Help Net Security
2025-04-15
Company data provided by crunchbase