Red Team Member (Tooling & Adversary Research)

Dark Wolf is seeking a Red Teamer for our pack. As a Red Team professional, you will assist in the architecture for the offensive capabilities used in high-stakes security assessments. Unlike a standard operator role, this position focuses heavily on the pre-operational phase: developing custom tooling, weaponizing exploits, and engineering infrastructure that mirrors the sophistication of modern Advanced Persistent Threats (APTs). You will bridge the gap between adversary research and operational execution, ensuring the team has the technical edge to bypass state-of-the-art defenses.

Core Responsibilities May Include

• Adversary Capability Development: Research, develop, and maintain custom offensive toolsets, including C2 frameworks, initial access payloads, and post-exploitation modules.
• Tactics Engineering: Translate intelligence on real-world adversary behaviors into actionable playbooks and automated tradecraft.
• Infrastructure Design: Architect and deploy resilient, obfuscated redirector networks and command-and-control (C2) infrastructure that evades EDR/XDR and NDR solutions.
• Evasion Research: Conduct deep-dive analysis into modern defensive technologies (AMSI, ETW, Kernel-level monitoring) to develop novel bypass techniques.
• Operational Readiness: Support active operations by providing real-time troubleshooting for custom tools and adapting payloads mid-engagement to overcome specific defensive hurdles.
• Knowledge Transfer: Mentor Red Team operators on the technical nuances of advanced tactics and ensure the "how" and "why" of adversary techniques are understood across the security organization.
• Active Top Secret Security clearance. 

Desired Technical Qualifications

• Advanced Adversary Knowledge: Understanding of the MITRE ATT&CK® framework and the ability to emulate the full lifecycle of an APT.
• Offensive Programming: Competent in low-level languages (C/C++, Rust, or Go) and scripting languages (Python, PowerShell, or C#) for tool development and memory injection techniques.
• Exploit Weaponization: Experience taking proof-of-concept (PoC) code and refining it into stable, operationally ready exploits.
• Environment Mastery: Deep understanding of Windows Internals (PE format, API hooking, process hollowing) and/or Linux/Cloud architecture (AWS, Azure, GCP) from an offensive perspective.
• Defense Evasion: Proven track record of bypassing modern security stacks, including advanced Endpoint Detection and Response (EDR) and Next-Gen Firewalls.

Preferred Skills & Certifications

• Certifications: Technical designations such as OSEP (Offensive Security Experienced Penetration Tester), CRTO (Certified Red Team Operator), CRTL (Certified Red Team Leader) or GXPN (Giac Exploit Researcher and Advanced Penetration Tester).
• DevOps Mindset: Experience with CI/CD pipelines and infrastructure-as-code (Terraform, Ansible) to rapidly deploy and tear down operational environments.

The Ideal Candidate

The ideal candidate is a technical specialist who thinks like an engineer but acts like an adversary. You are someone who isn't satisfied with using "off-the-shelf" tools and prefers to understand the underlying code to modify it for specific mission requirements. You thrive in the "preparation" phase, knowing that a successful operation is won or lost before the first packet is sent. This a role that will include hybrid on site duties. 

The estimated salary range for this position is $155,000.00 - $180,000.00, commensurate on experience and technical skillset. 

We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.