Qureos

Find The RightJob.

Red Team Engineer

Job Summary:

CareCloud is seeking a Red Team Engineer who will be responsible for proactively identifying and exploiting security vulnerabilities across the organization’s networks, applications, and infrastructure. This role simulates real-world cyberattack scenarios to assess the effectiveness of existing security controls and enhance the organization’s overall security posture and resilience against emerging threats.

Key Responsibilities:

  • Conduct advanced penetration testing on networks, applications, APIs, and cloud environments
  • Perform red teaming exercises simulating real-world cyberattacks and adversary behaviors
  • Identify, exploit, and validate vulnerabilities in internal and external systems
  • Develop and execute attack scenarios to evaluate detection and response capabilities
  • Bypass security controls such as EDR, SIEM, WAF, and IAM systems
  • Research and test latest vulnerabilities (CVE-based threats) relevant to the organization
  • Perform post-exploitation activities including privilege escalation, lateral movement, and persistence
  • Conduct social engineering assessments (phishing, vishing, etc.) where permitted
  • Collaborate with Blue Team / SOC to improve threat detection and incident response
  • Prepare detailed technical reports outlining findings, risk impact, and remediation recommendations
  • Develop custom scripts, payloads, and tools for offensive security testing
  • Continuously assess and improve the organization’s security posture
  • Stay updated with emerging threats, tools, and adversary tactics (TTPs)

Required Qualifications:

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field
  • Minimum 3 years of hands-on experience in penetration testing or red team operations
  • Strong knowledge of Windows, Linux, Active Directory, cloud environments, and enterprise networks.
  • Experience with attack frameworks and adversary emulation.

Preferred Qualifications

  • OSEP
  • OSCP
  • CRTO
  • GXPN

Skills Required

  • Strong understanding of network protocols and operating systems (Windows/Linux)
  • Experience with cloud platforms such as Azure and AWS
  • Proficiency in security testing tools (e.g., Metasploit, Burp Suite, Cobalt Strike, Nmap, BloodHound)
  • Knowledge of MITRE ATT&CK framework and adversary simulation techniques
  • Experience in web application and API security (OWASP Top 10)
  • Understanding of Active Directory attacks and post-exploitation techniques
  • Familiarity with endpoint security controls and evasion techniques
  • Proficiency in scripting/programming (Python, PowerShell, Bash)

Application Question(s):

  • Willing to relocate to Bagh AJK?
  • What is your current salary? (IN PKR)

*
What is your expected salary? (IN PKR)

  • How early you can join us? (IN DAYS)
  • Are you willing to work in Rotational Shift?

Work Location: In person

© 2026 Qureos. All rights reserved.