Red Team Operator
Company: Redfox Cybersecurity
Location: Mumbai, Maharashtra, India (On-site)
Experience Required: 1-2 Years
Employment Type: Full-time
About Redfox Cybersecurity:
Redfox Cybersecurity is a leading global cybersecurity firm specializing in offensive security operations, threat intelligence, and advanced penetration testing services. With strategic offices in Mumbai (India), Toronto (Canada), Delaware (USA), and London (UK), we serve Fortune 500 companies, government agencies, and enterprises across North America, Europe, Asia-Pacific, and beyond. Our team of elite security professionals is dedicated to protecting organizations against evolving cyber threats through proactive security assessments and cutting-edge offensive security methodologies.
Our global presence enables us to deliver 24/7 security services and maintain deep expertise across diverse regulatory environments, industry sectors, and threat landscapes. As we continue to expand our operations in the Asia-Pacific region, we are seeking talented individuals to join our Mumbai office and contribute to our mission of making the digital world safer.
About the Role:
We are seeking a highly motivated Red Team Operator to join our offensive security team at our Mumbai office. This role offers a unique opportunity to work on diverse, high-impact engagements for clients across multiple industries and geographies. The successful candidate will be part of a collaborative environment that values technical excellence, continuous learning, and innovative approaches to adversarial simulation and threat emulation.
You will work alongside seasoned security professionals from our global offices, gain exposure to complex enterprise environments, and have the opportunity to contribute to real-world red team operations that make a tangible difference in our clients' security posture. This position provides exposure to international projects and the possibility of collaboration with our teams in Toronto, Delaware, and London.
Key Responsibilities:
- Plan and execute full-scope red team engagements simulating advanced persistent threats (APTs) and sophisticated, multi-stage attack scenarios
- Conduct adversary simulation exercises across physical, digital, and social engineering attack surfaces
- Perform assumed breach and objective-based operations to test detection, response, and resilience capabilities
- Identify and exploit vulnerabilities within Active Directory environments, including privilege escalation, lateral movement, and persistence techniques
- Execute red team operations across on-premises, cloud, and hybrid environments
- Conduct initial access operations including phishing campaigns, credential harvesting, and perimeter exploitation
- Emulate real-world threat actor TTPs aligned with the MITRE ATT&CK framework
- Develop detailed technical reports documenting findings, risk assessments, and actionable remediation recommendations
- Present findings and security recommendations to clients and stakeholders
- Collaborate with blue team and security operations teams to improve detection and defensive capabilities through purple team exercises
- Coordinate with global team members across different time zones on multi-regional projects
- Stay current with emerging threats, threat actor groups, attack techniques, and security research
- Contribute to the development of internal tools, custom implants, C2 infrastructure, and red team methodologies
- Participate in knowledge-sharing sessions, mentor junior team members, and create course content for Redfox Cybersecurity Academy
- Support business development activities through technical demonstrations and proof-of-concept engagements
Required Qualifications:
- 1-2 years of demonstrated hands-on experience in red teaming, adversary simulation, offensive security operations, and security reporting
- Proficiency with industry-standard red team tools and frameworks (Cobalt Strike, Brute Ratel, Metasploit, BloodHound, Havoc, etc.)
- Strong understanding of Active Directory security architecture, common misconfigurations, and exploitation techniques
- In-depth knowledge of the MITRE ATT&CK framework, threat actor TTPs, and adversary emulation methodologies
- Ability to develop and execute complex, multi-stage attack chains from initial access through to objective completion
- Experience with command-and-control (C2) infrastructure setup, management, and operational security (OPSEC)
- Solid understanding of evasion techniques including AV/EDR bypass, living-off-the-land (LOtL) tactics, and payload obfuscation
- Strong technical writing and documentation skills with attention to detail
- Excellent analytical, problem-solving, and critical thinking capabilities
- Ability to work independently and as part of a distributed global team
- Strong communication skills with the ability to explain technical concepts to non-technical audiences
- Professional demeanor and ability to interact effectively with clients
Optional Qualifications (Good to have):
- Knowledge of cloud security platforms and services (AWS, Azure, Google Cloud Platform) and cloud-specific attack paths
- Experience with container security (Docker, Kubernetes)
- Understanding of DevSecOps practices and CI/CD pipeline security
- Familiarity with compliance frameworks (PCI-DSS, ISO 27001, GDPR, SOC 2, HIPAA)
- Published security research, technical blog posts, or conference presentations
- Contributions to open-source offensive security tools or frameworks
- Experience with scripting and automation for custom tooling development (Python, PowerShell, Bash, C#)
- Familiarity with wireless security, IoT security, or OT/ICS environments
- Experience with physical security assessments and social engineering operations
- Experience working in cross-functional or international teams
What We Offer:
- Competitive compensation package aligned with global standards
- Opportunity to work with an internationally recognized cybersecurity team across four countries
- Exposure to challenging and diverse security projects across multiple industries and geographies
- Access to world-class training programs, certifications, and professional development opportunities
- Collaborative work environment that encourages innovation and knowledge sharing
- Career progression opportunities within a rapidly growing global organization
- Potential for international assignments and cross-office collaborations
- Flexible work policies and employee-friendly leave structure
- Professional certification sponsorship and continuous learning budget
How to Apply:
Interested candidates are requested to submit their updated curriculum vitae to [email protected] with the subject line "Application - Red Team Operator - Mumbai".
Equal Opportunity Employer:
Redfox Cybersecurity is an equal opportunity employer committed to building a diverse and inclusive workplace. We welcome applications from candidates of all backgrounds, experiences, and perspectives. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Join us in our mission to secure the digital world. Be part of a global team that's shaping the future of cybersecurity.
Redfox Cybersecurity | Mumbai | Toronto | Delaware | London
redfoxsec.com
Job Type: Full-time
Work Location: In person
Pay: ₹49,999.00 - ₹59,999.00 per month