Broxer
Join
Sun Life

Senior Red Team Operator

Sun Life

Waterford, County Waterford, Ireland · Full Time

Be the first to apply

Experience
5–7 yrs
Salary
Openings
1
Posted
5 days ago
Work mode
In office
Education
University degree in computer science, computer engineering, or computer security
Eligibility
Experienced cybersecurity professionals with a university degree in a computing or security-related field who are interested in offensive security and red team work may apply.
Resume
Required to apply

Where you'll work

Job description

About the Role

Join a global team where your perspective, experience, and background are valued. You will be supported to do your best work alongside experienced colleagues who share knowledge freely and help each other grow. The role sits within Information Security and focuses on protecting sensitive information and preserving operational resilience against cyber threats.

Role Overview

This position is part of the Offensive Security function. The team conducts proactive security assessments that go beyond standard penetration testing to uncover weaknesses across the environment. As a senior red team operator, you will help simulate real-world attacks, evaluate exposure, and strengthen the organization’s overall cyber defense posture.

The role calls for broad offensive security capability, including familiarity with malicious tooling, social engineering techniques, exploit development, network and application testing, risk analysis, and the ability to communicate findings clearly to different stakeholders. Creativity, adaptability, and strong judgement are essential in order to keep pace with changing threats.

What You Will Do

  • Take ownership of the full offensive security process, from scoping and planning through execution oversight, reporting, remediation follow-up, and final closure.
  • Continuously refine playbooks, standards, operating procedures, and engagement methods for offensive security work.
  • Make sure all offensive testing supports enterprise risk priorities, threat intelligence inputs, and applicable regulatory requirements.
  • Lead annual and quarterly planning for offensive security coverage across important systems, applications, and business services.
  • Coordinate schedules for red team exercises, adversary emulation, purple team sessions, and third-party engagements.
  • Serve as the main coordinator between red team operators, detection and defense teams, engineering partners, and outside vendors.
  • Oversee delivery of red team assessments, adversary emulation, and detection validation activities.
  • Ensure all activity stays within approved rules of engagement and legal, operational, and risk boundaries.
  • Support purple team work by making sure results can be turned into practical detection and response improvements, including mapping to MITRE ATT&CK where relevant.
  • Track offensive security findings from discovery through remediation and validation.
  • Work with technology and engineering groups to clarify ownership, set priorities, and agree timelines for fixes.
  • Manage exceptions, compensating controls, and deferred risks through the enterprise risk process.
  • Confirm issue closure through retesting or other evidence-based checks.
  • Act as the central contact for audit, regulatory, and assurance activities connected to offensive security.
  • Prepare supporting evidence, walkthrough materials, artifacts, and formal responses for internal audits, external audits, and regulatory reviews.
  • Ensure testing activities are well documented, repeatable, and able to stand up to scrutiny.
  • Advise application, infrastructure, and platform teams on secure design and exposure to threats.
  • Use insights from offensive testing to encourage upstream risk reduction.
  • Build effective relationships with security, engineering, IT operations, and risk stakeholders.
  • Identify ways to improve the efficiency, breadth, and impact of offensive security programs.
  • Fold lessons learned, emerging threats, and control weaknesses into future planning.
  • Help uplift capabilities across offensive security, detection engineering, and vulnerability management.

Requirements

  • 5 to 7 years of experience in operational cybersecurity roles.
  • A university degree in computer science, computer engineering, or computer security.
  • Solid understanding of information security principles, current security trends, and standard practices.
  • Ability to solve problems creatively and design practical solutions.
  • Strong technical depth across systems and security solutions.
  • Industry certifications such as SANS, CEH, or CISSP are considered a strong advantage.
  • Well-developed communication and presentation skills.
  • Preferred familiarity with defense-in-depth concepts and frameworks such as CISA, MITRE, NIST, TIBAS, CREST, I-CRT, and TIBER-EU.
  • Exposure to ServiceNow and Confluence is preferred.

Additional Information

This position is based in Waterford, County Waterford, Ireland and is a full-time onsite role. The job category is IT - Technology Services. Applications are open until 10/07/2026.

Skills

Audit Support Stakeholder Communication Penetration Testing MITRE ATT&CK Cybersecurity Risk Assessment Threat Intelligence Offensive Security Security Reporting Red team operations Remediation Tracking Adversary Emulation Secure Design Advisory

Leave it if you'd like a reply — we won't use it for anything else.

Click to browse, drag & drop, or paste a screenshot

PNG, JPG, GIF, MP4, WebM, MOV · Max 20MB each · Up to 5 files