NetSPI Inc.
Principal Security Consultant (CCSAM/CCRTM) - RTO NetSPI pioneered Penetration Testing as a Service (PTaaS) and leads the industry in modernpentesting. Combining world-class security professionals with AI and automation,NetSPIdelivers clarity, speed, and scale across 50+pentesttypes, attack surface management, and vulnerability prioritization. TheNetSPIplatform streamlines workflows and accelerates remediation, enabling our experts to focus on deep dive testing that uncovers vulnerabilities others miss. Trusted by the top 10 U.S. banks and Fortune 500 companies worldwide,NetSPIhas been driving security innovation since 2001. NetSPIis on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at . Join our mission as a Principal Security Consultant. We're seeking a seasoned security professional who combines deep technical expertise in adversarial simulation with exceptional communication skills to engage both executives and technical teams with equal impact. On our globally deployed Red Team you will compromise some of the world's most sophisticated and heavily fortified networks. As an operator, you'll collaborate with industry-leading experts while wielding cutting-edge proprietary tools that set the standard for offensive security operations. In this role, you'll leverage your strategic problem-solving abilities, foster high-performance team dynamics, and drive innovative methodologies to deliver transformative engagements that consistently surpass client expectations. Responsibilities: Lead comprehensive red team operations by serving as the primary technical operator on standard adversarial engagements, where you'll strategically plan scenario execution, orchestrate team resources and timelines, and make critical technical decisions that drive successful outcomes in complex, high-stakes environments. Perform duties aligned to a red team manager and secondary operator on Regulated Red team engagements such as CBEST, TIBER, TLPT, iCAST, FEER etc. This is a dual responsibility where you will be an active operator as well as performing operational governance activities associated with this role in complex regulated red team engagements. Leverage deep technical expertise in operating systems, network architecture, and infrastructure fundamentals to execute sophisticated attack chains and navigate complex enterprise environments during red team operations. Pioneer cutting-edge offensive security capabilities in coordination with our dedicated malware and capability developers by researching, developing, and operationalizing innovative techniques, proprietary tools, and advanced methodologies that push the boundaries of adversarial simulation and red team effectiveness. Offer mentorship or coaching to growing team members, while sharing knowledge externally through blogs, webinar presentations, or presenting at conferences. Collaborate with cross-functional teams on key activities, including scoping initiatives, providing subject matter expertise in high-stakes sales presentations, and contributing strategic technical insights to marketing campaigns that showcase our capabilities. Help define, document, and continuously refine internal technical processes, service methodologies, and tactical procedures (TTPs) that standardize excellence across all engagements. Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations. Minimum Qualifications: Bachelor's degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience 5+ years of work experience performing adversarial simulation related engagements Due to the nature of the role, the applicant must hold and be able to maintain a current CCRTM or CCSAM certification Familiarity with offensive tools, based on applicable skillset Deep technical familiarity with offensive and defensive IT concepts and protocols Working knowledge of Windows, Linux and MacOS operating systems internals Extensive understanding of the MITRE ATT&CK framework, OWASP Top 10, and other security frameworks Ability to work independently and as part of a team Proficient communication skills, both written and verbal Willingness to travel up to 10% minimum This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs Preferred Qualifications: Ability to provide technical and QA oversight on the Red Team service line Experience in one or more of the following programming or scripting languages (e.g., Python, PowerShell, Perl, C, C++, C#, Java, Nim, Rust, etc.) We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
Principal Security Consultant (CCSAM/CCRTM) - RTO NetSPI pioneered Penetration Testing as a Service (PTaaS) and leads the industry in modernpentesting. Combining world-class security professionals with AI and automation,NetSPIdelivers clarity, speed, and scale across 50+pentesttypes, attack surface management, and vulnerability prioritization. TheNetSPIplatform streamlines workflows and accelerates remediation, enabling our experts to focus on deep dive testing that uncovers vulnerabilities others miss. Trusted by the top 10 U.S. banks and Fortune 500 companies worldwide,NetSPIhas been driving security innovation since 2001. NetSPIis on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at . Join our mission as a Principal Security Consultant. We're seeking a seasoned security professional who combines deep technical expertise in adversarial simulation with exceptional communication skills to engage both executives and technical teams with equal impact. On our globally deployed Red Team you will compromise some of the world's most sophisticated and heavily fortified networks. As an operator, you'll collaborate with industry-leading experts while wielding cutting-edge proprietary tools that set the standard for offensive security operations. In this role, you'll leverage your strategic problem-solving abilities, foster high-performance team dynamics, and drive innovative methodologies to deliver transformative engagements that consistently surpass client expectations. Responsibilities: Lead comprehensive red team operations by serving as the primary technical operator on standard adversarial engagements, where you'll strategically plan scenario execution, orchestrate team resources and timelines, and make critical technical decisions that drive successful outcomes in complex, high-stakes environments. Perform duties aligned to a red team manager and secondary operator on Regulated Red team engagements such as CBEST, TIBER, TLPT, iCAST, FEER etc. This is a dual responsibility where you will be an active operator as well as performing operational governance activities associated with this role in complex regulated red team engagements. Leverage deep technical expertise in operating systems, network architecture, and infrastructure fundamentals to execute sophisticated attack chains and navigate complex enterprise environments during red team operations. Pioneer cutting-edge offensive security capabilities in coordination with our dedicated malware and capability developers by researching, developing, and operationalizing innovative techniques, proprietary tools, and advanced methodologies that push the boundaries of adversarial simulation and red team effectiveness. Offer mentorship or coaching to growing team members, while sharing knowledge externally through blogs, webinar presentations, or presenting at conferences. Collaborate with cross-functional teams on key activities, including scoping initiatives, providing subject matter expertise in high-stakes sales presentations, and contributing strategic technical insights to marketing campaigns that showcase our capabilities. Help define, document, and continuously refine internal technical processes, service methodologies, and tactical procedures (TTPs) that standardize excellence across all engagements. Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations. Minimum Qualifications: Bachelor's degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience 5+ years of work experience performing adversarial simulation related engagements Due to the nature of the role, the applicant must hold and be able to maintain a current CCRTM or CCSAM certification Familiarity with offensive tools, based on applicable skillset Deep technical familiarity with offensive and defensive IT concepts and protocols Working knowledge of Windows, Linux and MacOS operating systems internals Extensive understanding of the MITRE ATT&CK framework, OWASP Top 10, and other security frameworks Ability to work independently and as part of a team Proficient communication skills, both written and verbal Willingness to travel up to 10% minimum This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs Preferred Qualifications: Ability to provide technical and QA oversight on the Red Team service line Experience in one or more of the following programming or scripting languages (e.g., Python, PowerShell, Perl, C, C++, C#, Java, Nim, Rust, etc.) We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
Trustwave
Principal Consultant - Spider Labs (Pen Testing) United Kingdom Job Description Posted Thursday, April 16, 2026 at 11:00 PM LevelBlue reduces risk and builds lasting resilience so organizations can innovate and advance their mission with confidence. As the world's most analyst-recognized and largest pure-play managed security services provider, LevelBlue elevates client outcomes that matter: stronger defense, faster response, and sustained business continuity. LevelBlue combines AI-powered security operations, advanced threat intelligence, and elite human expertise to provide the most comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services. Principal Security Consultant - Red Team The Principal Security Consultant role offers an exciting opportunity to work within the world-renowned and truly global SpiderLabs team. The team currently has security consultants throughout North America, Latin and Central America, Europe, Africa, Australia, and Asia. As a Red Team Leader you will deliver red-team engagements and adversary simulation exercises for enterprise clients across the EMEA region. You will lead technical execution (including custom tooling and malware research) and collaborate with client stakeholders. This is a senior technical leader hands on role: you will perform research, be hands on keyboard and mentor others. A more managerial focused role could also be considered for the right candidate. Candidates should be well versed in leading red teaming engagements as well as the softer side of consultancy. Consultants must be able to balance workload, work effectively, and jointly with colleagues within the ever-growing team worldwide. Specific Responsibilities: Lead end-to-end red-team engagements (scoping, execution, debrief and remediation tracking) for enterprise clients in EMEA simulating advanced adversaries. Build, secure, and operate various C2 channels as required by the engagement. Perform exploit development, research and weaponization. Lead client interactions: present technical findings and executive summaries and deliver remediation roadmaps. Mentor junior red teamers, perform code reviews, and contribute to team playbooks and tooling frameworks. Qualifications: Active CCRTS or CCRTM qualification is essential for this role (formerly known as CCSAS or CCSAM, respectively) 5+ years of professional red team experience with demonstrable delivery of client engagements across enterprise environments. Proven experience delivering multi-week red team / adversary emulation engagements to clients (end-to-end). Have experience in developing your own, and enhancing existing offensive security tools, ideally in .NET, C or C++. Solid understanding of Windows internals and Active Directory; good knowledge of Linux/macOS internals. Ability to present at conferences. Is a highly autonomous worker, able to operate with little to no supervision Strong team player and technical innovator with an ability to build and leverage relationships on an inter and intradepartmental basis Ability to create and maintain methodologies and process definitions Experience developing, delivering and managing large consulting engagements Education: A high school diploma or equivalent is required; a college or university degree is a plus. Industry certifications preferred:OSCP, OSCE, OSEE, GXPN, and/or GPEN, CRTO. This role is open to candidates legally authorized to work in the United Kingdom. At LevelBlue, we support flexible work and bring people together in person for key moments based on role, team, and business needs. LevelBlue is committed to a culture of respect, inclusion, and equal opportunity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other status protected under applicable law. To all agencies: Please do not contact LevelBlue employees outside of the Talent Acquisition team. LevelBlue's policy is to only accept resumes from agencies through its approved agency process and with a valid agreement in place. Any resume submitted outside this process will be considered the property of LevelBlue, and no fee will be paid if a candidate is hired from such a submission.
Principal Consultant - Spider Labs (Pen Testing) United Kingdom Job Description Posted Thursday, April 16, 2026 at 11:00 PM LevelBlue reduces risk and builds lasting resilience so organizations can innovate and advance their mission with confidence. As the world's most analyst-recognized and largest pure-play managed security services provider, LevelBlue elevates client outcomes that matter: stronger defense, faster response, and sustained business continuity. LevelBlue combines AI-powered security operations, advanced threat intelligence, and elite human expertise to provide the most comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services. Principal Security Consultant - Red Team The Principal Security Consultant role offers an exciting opportunity to work within the world-renowned and truly global SpiderLabs team. The team currently has security consultants throughout North America, Latin and Central America, Europe, Africa, Australia, and Asia. As a Red Team Leader you will deliver red-team engagements and adversary simulation exercises for enterprise clients across the EMEA region. You will lead technical execution (including custom tooling and malware research) and collaborate with client stakeholders. This is a senior technical leader hands on role: you will perform research, be hands on keyboard and mentor others. A more managerial focused role could also be considered for the right candidate. Candidates should be well versed in leading red teaming engagements as well as the softer side of consultancy. Consultants must be able to balance workload, work effectively, and jointly with colleagues within the ever-growing team worldwide. Specific Responsibilities: Lead end-to-end red-team engagements (scoping, execution, debrief and remediation tracking) for enterprise clients in EMEA simulating advanced adversaries. Build, secure, and operate various C2 channels as required by the engagement. Perform exploit development, research and weaponization. Lead client interactions: present technical findings and executive summaries and deliver remediation roadmaps. Mentor junior red teamers, perform code reviews, and contribute to team playbooks and tooling frameworks. Qualifications: Active CCRTS or CCRTM qualification is essential for this role (formerly known as CCSAS or CCSAM, respectively) 5+ years of professional red team experience with demonstrable delivery of client engagements across enterprise environments. Proven experience delivering multi-week red team / adversary emulation engagements to clients (end-to-end). Have experience in developing your own, and enhancing existing offensive security tools, ideally in .NET, C or C++. Solid understanding of Windows internals and Active Directory; good knowledge of Linux/macOS internals. Ability to present at conferences. Is a highly autonomous worker, able to operate with little to no supervision Strong team player and technical innovator with an ability to build and leverage relationships on an inter and intradepartmental basis Ability to create and maintain methodologies and process definitions Experience developing, delivering and managing large consulting engagements Education: A high school diploma or equivalent is required; a college or university degree is a plus. Industry certifications preferred:OSCP, OSCE, OSEE, GXPN, and/or GPEN, CRTO. This role is open to candidates legally authorized to work in the United Kingdom. At LevelBlue, we support flexible work and bring people together in person for key moments based on role, team, and business needs. LevelBlue is committed to a culture of respect, inclusion, and equal opportunity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other status protected under applicable law. To all agencies: Please do not contact LevelBlue employees outside of the Talent Acquisition team. LevelBlue's policy is to only accept resumes from agencies through its approved agency process and with a valid agreement in place. Any resume submitted outside this process will be considered the property of LevelBlue, and no fee will be paid if a candidate is hired from such a submission.