Senior Red Team Operator

You will plan and execute full-scope adversary emulation across cloud platforms, pipelines, and crypto systems. You will own engagements end to end: evaluating environments to find vulnerabilities, building the attack scenarios to prove them out, and seeing your findings drive real fixes. You will communicate findings clearly and recommend practical mitigations to stakeholders and the blue team. You will mentor blue team members and lead cross-team exercises such as purple teaming. You will support incident response with offensive security expertise and contribute to post-incident action plans. You will build and improve red team tooling, scripts, infrastructure, methodologies, and documentation.

Responsibilities

  • Plan and execute red team engagements, pentests, and ad hoc assessments against cloud, development pipelines, web and application layers, source code, and more.
  • Apply attacker tactics, techniques, and procedures safely within Figment environments, including detection evasion work.
  • Produce clear reports and presentations tailored to both technical and executive audiences.
  • Partner with stakeholders, including technical staff, leadership, and legal counsel, to translate findings into risk-appropriate, actionable recommendations.
  • Collaborate with the blue team to suggest mitigations, validate fixes, and improve defensive coverage.
  • Mentor blue team members and lead cross-team exercises such as purple teaming.
  • Support incident response with offensive security technical expertise and contribute to post-incident action plans.
  • Build and improve red team tooling, scripts, infrastructure, methodologies, and documentation.

Requirements

  • Experience with and strong understanding of cloud platforms, CI/CD pipelines, and supply chains.
  • Demonstrated use of AI tools to accelerate offensive work with sound judgment about where they help versus where manual testing is required.
  • Offensive expertise in container orchestration including attacking and escaping Docker and Kubernetes (container breakout, RBAC abuse, misconfiguration exploitation).
  • Experience performing API and web application assessments.
  • Experience performing source code review for security flaws.
  • Experience building automations that chain red team tooling together, cutting manual effort across recon, exploitation, and reporting.
  • Strong written and verbal communication conveying findings, risk, and remediation to engineers, stakeholders, and executives.
  • Industry certifications such as OSCP/OSCE, OSEP, OSWE, GPEN, GCPN, GWAPT, or GXPN are a plus.
  • Solid understanding and experience working with GitHub and GitHub Actions.
  • Programming skills as well as the ability to read and assess applications written in multiple languages such as Go, Rust, and Ruby.
  • Understanding of security risks for blockchain and crypto.

Benefits

  • 100% remote-first environment. Our flagship office is in Toronto, Canada. We also have additional co-working spaces in New York, London, and Singapore.
  • 4 weeks of PTO that kick in day one, with an additional 1 week of flex days.
  • Extended company-paid health benefits that kick in day one.
  • Best-in-class parental leave and flexible arrangements.
  • A home office stipend to create a space that you enjoy working in.
  • Monthly Wi-Fi reimbursement.
  • A yearly Learning & Development budget.
  • 401K (US) or RRSP match (Canada).
  • Stock Options in the company.
  • Annual on-site company gatherings and retreats to inspire team bonding, collaboration, and fun!
