Red Team Operator - Associate

We are seeking a highly skilled and experienced Red Team Operator to join our offensive security team. The ideal candidate will have a strong background in adversarial emulation, penetration testing, and threat‑led operations, with the ability to think creatively and execute complex attack scenarios. This role requires deep technical expertise, strong communication skills, and a passion for cybersecurity. This is a hybrid role requiring attendance at our Tralee office.

• Lead and execute full‑scope red team engagements and adversarial emulations.
• Perform web application and infrastructure penetration testing.
• Collaborate with blue teams during purple team exercises to enhance detection and response capabilities.
• Develop and execute attack chains aligned with the MITRE ATT&CK framework.
• Utilize and customize C2 frameworks such as Sliver, Scythe, Metasploit, and others.
• Conduct Active Directory enumeration and exploitation.
• Perform cloud penetration testing across major platforms (AWS, Azure, GCP).
• Develop custom vulnerabilities and offensive tooling.
• Write detailed, high‑quality reports and present findings to both technical and non‑technical stakeholders, including C‑level executives.
• Maintain and develop custom tools and scripts in languages such as Python, C++, Java, C#, PowerShell, and Bash.
• Stay current with emerging threats, vulnerabilities, and offensive security techniques.
• Maintain and create detailed documentation of all team activities.
• Conduct Wi‑Fi penetration testing.

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
• OSEP, OSCP, or other recognized industry certifications.
• Minimum 5 years in penetration testing, red teaming, or adversarial emulation.
• Proficiency in one or more programming/scripting languages: Python, C++, Java, C#, PowerShell, Bash.
• Strong Linux skills and familiarity with Kali Linux.
• Deep understanding of Active Directory and Windows internals.
• Hands‑on experience with tools such as BloodHound, Metasploit, Sliver, Scythe, and BURP Suite.
• In‑depth knowledge of MITRE ATT&CK and OWASP Top 10.
• Excellent verbal and written communication skills.
• Ability to translate complex technical findings into business‑relevant language.
• Strong organizational and time‑management skills.
• Attention to detail in documentation and reporting.

• Experience in threat‑intelligence‑driven operations.
• Familiarity with purple‑team methodologies.
• Contributions to open‑source security tools or research.
• Strong understanding and familiarity with financial industry regulations.
• Demonstrated experience in custom vulnerability development.
• Experience with cloud penetration testing (AWS, Azure, GCP).

SMBC’s employees participate in a hybrid workforce model that provides the opportunity to work from home as well as from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during the interview process.

SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at accommodations@smbcgroup.com.