Job Description

Job Responsibilities:

As a Global Red Team Operator at the Assistant Vice President level, you will play a key role in executing advanced adversary simulation exercises that test and improve MUFG's global security posture. This role is ideal for professionals with a strong foundation in offensive security and a demonstrated ability to plan and execute Red Team operations. You will collaborate with senior operators, threat intelligence, and detection engineering teams to emulate real-world threats, identify gaps, and drive measurable improvements in detection and response capabilities.

Red Teaming Responsibilities:

Lead and execute Red Team engagements that simulate advanced persistent threats across enterprise environments Develop and apply Tactics, Techniques, and Procedures (TTPs) aligned with MITRE ATT&CK to test detection and response capabilities Conduct adversary emulation, lateral movement, privilege escalation, and persistence operations Reverse engineer proof-of-concept exploits and assess their applicability to MUFG's environment Collaborate with Blue Team and Detection Engineering to validate findings and improve detection logic Document and present findings, attack paths, and remediation recommendations to technical and executive audiences Contribute to the development and maintenance of internal Red Team tools, scripts, and infrastructure Mentor junior analysts and contribute to team knowledge sharing and skill development Stay current on emerging threats, vulnerabilities, and offensive security techniques

Job Requirements:

Minimum 5 years of experience in information security or IT, with at least 3 years focused on Red Team operations or offensive security. Offensive security certifications such as OSCP, CRTO, OSEP Experience in advanced penetration testing engagements in complex enterprise environments. Bachelor's degree in Computer Science, Cybersecurity, or related field Demonstrated experience conducting Red Team or advanced penetration testing engagements Familiarity with C2 frameworks (e.g., Cobalt Strike, Mythic, Sliver), evasion techniques, and post-exploitation tooling Proficient in scripting or programming languages (e.g., Python, PowerShell, Bash, C/C++) Strong understanding of Windows and Linux internals, Active Directory, and enterprise network architecture Experience with vulnerability research, exploit development, and threat emulation Familiarity with security frameworks such as MITRE ATT&CK, NIST-CSF, and OWASP Excellent communication skills, including the ability to translate technical findings into business impact Demonstrated ability to identify and exploit security gaps through Red Teaming exercises across enterprise environments



We regret to inform that only shortlisted applicants will be notified.

Job ID: 10071359