Senior Red Team Operator, Waterford

Job Description

Position Summary:

The primary objectives for the Information Security team are to protect confidential and sensitive information and to maintain operational stability resulting from cyber-attacks. Offensive Security (Red Team) members contribute to these objectives by performing assessments that proactively identify security exposures within the Sun Life environment that go beyond the realm of traditional penetration testing. A successful senior red team operator, specializing in offensive security, must possess a diverse set of competencies to effectively simulate cyberattacks and identify vulnerabilities within an organization's systems. Firstly, a deep understanding of various attack vectors and techniques is essential, including knowledge of malware, social engineering, and exploit development. Additionally, proficiency in network and application penetration testing is crucial for identifying weaknesses in infrastructure and software. Strong analytical skills are necessary to assess risks and prioritize targets accurately. Effective communication skills are vital for conveying findings and recommendations to stakeholders. Finally, adaptability and creativity are indispensable traits for devising innovative attack strategies and staying ahead of evolving threats in the cybersecurity landscape.

What you will do

The essential functions and responsibilities of this position include but are not limited to the following:

Offensive Security Program Ownership

Own the end‑to‑end offensive security lifecycle, including planning, scoping, scheduling, execution oversight, reporting, remediation tracking, and closure

Define and continuously improve offensive security processes, playbooks, standards, and engagement models

Ensure offensive security activities align with enterprise risk priorities, threat intelligence, and regulatory expectations

Planning, Scheduling & Coordination

Lead annual and quarterly offensive security planning, ensuring coverage across critical assets, applications, and business services

Coordinate schedules for Red Team exercises, adversary emulation, purple team activities, and third‑party engagements

Act as the single point of orchestration between Red Team operators, detection/defensive teams, engineering partners, and external vendors

Delivery Oversight (Red & Purple Team)

Provide delivery oversight for Red Team assessments, adversary emulation exercises, and detection validation activities

Ensure engagements are executed in accordance with approved rules of engagement, legal, operational, and risk constraints

Support Purple Team exercises by ensuring findings are actionable and mapped to detection and response improvements (e.g., MITRE ATT&CK)

Remediation Tracking & Issue Management

Own the lifecycle tracking of offensive security findings from identification through remediation and validation

Partner with technology and engineering teams to ensure clear ownership, prioritization, and timelines for remediation

Track exceptions, compensating controls, and deferred risks in line with enterprise risk processes

Validate closure of issues through retesting or evidence‑based assurance

Audit & Assurance Facilitation

Act as the primary point of contact for audit, regulatory, and assurance activities related to offensive security

Prepare evidence, artifacts, walkthroughs, and responses for internal audit, external audit, and regulatory reviews

Ensure offensive security activities are defensible, repeatable, and well‑documented

Advisory & Stakeholder Engagement

Provide advisory support to application, infrastructure, and platform teams on secure design and threat exposure

Influence upstream risk reduction by advising on patterns observed through offensive testing

Build strong working relationships across security, engineering, IT operations, and risk teams

Program Maturity & Continuous Improvement

Identify opportunities to improve efficiency, coverage, and impact of offensive security activities

Incorporate lessons learned, emerging threats, and control gaps into future plans

Support capability uplift across offensive security, detection engineering, and vulnerability management

Position Requirements and Qualifications:

5-7 years’ experience in operational Cyber Security roles

University degree in computer science, computer engineering or computer security.

A strong understanding of information security concepts and security trends and practices

Problem solving with creative solutions.

Maintain high technical knowledge of systems and solutions.

Industry certifications (SANS/CEH/CISSP) are a strong asset.

Strong communication and presentation skills

Preferred knowledge or qualifications in the following:

Defense in depth security concepts including CISA, MITRE, NIST, TIBAS, CREST, I-CRT, TIBER-EU frameworks.

Service Now

Confluence

Job Category:

Posting End Date: