Senior Penetration Testing & Red Team Engineer

CCDS is seeking a Senior Penetration Testing & Red Team Engineer to perform advanced offensive security assessments and red team activities. The role focuses on identifying real-world security weaknesses across enterprise and client environments, simulating adversarial attacks, and delivering high-quality technical findings with clear remediation guidance.

Key Responsibilities

• Technical Execution
• • Conduct penetration testing across:
  • • External and internal networks
    • Web applications, APIs, and mobile applications
    • Cloud and hybrid environments
  • Perform exploitation, privilege escalation, and lateral movement within approved scope.
  • Support red team simulations under defined Rules of Engagement (RoE).
• Vulnerability & Risk Analysis
• • Identify, validate, and prioritize security vulnerabilities.
  • Develop proof-of-concept (PoC) exploits where permitted.
  • Analyze root causes, attack paths, and potential business impact.
• Reporting & Documentation
• • Produce clear, accurate, and actionable technical reports.
  • Document exploitation steps, evidence, and impact in a structured manner.
  • Support retesting activities and validation of remediation efforts.
• Collaboration & Technical Support
• • Work closely with team leads and peers throughout engagement lifecycles.
  • Provide technical input during scoping and planning phases.
  • Support and mentor junior engineers through guidance and knowledge sharing.

Requirements

• Required Skills & Experience
• • 4–6 years of hands-on experience in penetration testing and/or red team operations.
  • Strong understanding of:
  • • TCP/IP, operating systems, and Active Directory environments
    • Web application security and OWASP Top 10
    • Common attack techniques, tools, and adversary behaviors
• • Proven ability to work independently on complex testing scenarios.

• Tools & Technologies (Preferred)
• • Burp Suite Pro, Metasploit
  • Nmap, Nikto, SQLmap
  • BloodHound, CrackMapExec
  • Linux environments and scripting (Bash, Python, PowerShell)

• Certifications (Preferred)
• • OSCP, eJPT, CRTP, GWAPT, PNPT (or equivalent)

Benefits

• Medical Insurance
• Paid Time Off
• Training & Development
• Performance Bonus