Red Team Operator

About Us

We’re the world’s leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value – across borders, through cities and overseas. No other organisation can address the scale, precision, pace and trust that this demands, and we’re proud to support the global economy.

We’re unique too. We were established to find a better way for the global financial community to move value – a reliable, safe and secure approach that the community can trust, completely. We’re always striving to be better and are constantly evolving in an ever-changing landscape, without undermining that trust. Five decades on, our vibrant community reflects the complexity and diversity of the financial ecosystem. We innovate diligently, test exhaustively, then implement fast. In a connected and exciting era, our mission has never been more relevant. Swift now has a presence in 200 countries and legal territories to serve a community of more than 12,000 banks and financial institutions.

Swift is unable to sponsor an employment authorization for this position now or in the future.

What to Expect:

In this role you will:

Red Team Operations & Campaign participation

• Be an active participant in end-to-end adversary simulations across enterprise, cloud, and hybrid infrastructures
• Provide input to planning complex Red Team engagements from reconnaissance and initial access through persistence, lateral movement, and data exfiltration
• Execute network, application, wireless, physical, and cloud penetration tests
• Build, operate, and maintain Red Team infrastructure, including command-and-control (C2) ecosystems, phishing platforms and operational security (OPSEC) tooling
• Develop and operationalize custom tooling, payloads, automation and exploitation chains
• Research and implement advanced evasion techniques against SIEM, EDR, and XDR platforms
• Ensure operational realism, safety, and compliance with internal policy, legal constraints, and regulatory requirements
• Align Red Team operations with the MITRE ATT&CK framework and threat-led testing standards (e.g., TIBER)
  
  
  

Collaboration & Strategic Enablement

• Partner with SOC, Threat Intelligence, Risk Management, and Engineering teams to strengthen detection and response maturity
• Mentor and develop junior team members, sharing techniques, lessons learned, and tooling improvements
• Interpret technical exploitation in the context of business risk, control effectiveness, and defensive improvement
• Communicate technical risk clearly to security leadership and key stakeholders
• Produce high-quality After-Action Reports (AARs), executive summaries, and technical documentation
  
  
  

What Success Looks Like In This Role

• Actively participate in Red Team engagements independently and as part of a broader campaign strategy
• Delivers realistic adversary simulations that measurably improve detection and response maturity
• Builds and maintains resilient, covert Red Team infrastructure and tooling ecosystems
• Develops novel exploitation techniques that stress modern defensive controls
• Produces clear, actionable reports aligned to business risk and regulatory expectations
  
  
  

What will make you successful:

We are seeking professionals with:

• Bachelor's degree in computer science or related field
• 5 years of relevant experience
• Offensive Security Certified Professional (OSCP) or similar certifications
• Strong desire to learn and continually evolve both self and team
• Proven experience executing Red Team operations and adversary simulations
• Advanced skills across network, application, cloud, wireless, and hybrid penetration testing
• Strong understanding of the exploitation lifecycle (reconnaissance, initial access, persistence, privilege escalation, lateral movement, data exfiltration)
• Experience with Active Directory exploitation, Linux privilege escalation, kernel-level techniques, and cloud identity systems
• Ability to chain vulnerabilities and bypass modern endpoint detection technologies
• Proficiency with common Red Team tooling, including C2 frameworks, scanners, phishing platforms, and OPSEC tooling
• Familiarity with the MITRE ATT&CK framework and adversary emulation methodologies
• Strong technical writing and reporting capabilities
  
  
  

Preferred Qualifications:

• Experience developing custom exploits, scripts, and automation
• Experience supporting Purple Team exercises and detection engineering
  
  
  

Certifications and Professional Development

Recommended / Supported Path

• Offensive Security Certified Professional (OSCP)
• Certified Red Team Operator Level I (CRTO II) or equivalent advanced adversary simulation certifications
• GIAC Red Team Professional (GRTP), where available
• SANS GXPN (SEC660)
• Cloud exploitation and identity attack specialization training
  
  
  

We support continuous learning and provide structured training, certification sponsorship, and long-term career development opportunities.

Why Join Us

• Actively participate in adversary emulation and Red Team operations at enterprise scale
• Operate as a technical authority to support a continuously maturing Red Team program
• Work alongside a highly technical, security organization
• Influence enterprise-wide security strategy, resilience, and regulatory posture
• Grow your career through advanced training, certifications, and leadership opportunities
• Make a measurable, real-world impact on organizational security outcomes
• A flexible work from home (WFH) schedule
  
  
  

The estimated salary range for a new hire in this position in Virginia is $101,303.00 USD Annual MINIMUM to $188,135.00 USD Annual MAXIMUM. Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. Our compensation packages include a competitive base salary and bonus opportunity for all employee’s contingent on personal and company performance. Our generous benefits program includes medical, dental, vision and life insurance with no premium costs for our employees and their families, and retirement plan plus matching 401k.

What We Offer

We give you the freedom to be yourself. We are creating an environment of unique individuals – like you – with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyone’s voice counts and where you can reach your full potential.

We are committed to an inclusive and accessible recruitment process. If you require a reasonable accommodation related to accessibility during your application or interview, please contact accessibility-Sysgroup@swift.com or indicate this in your application.

Please note that this mailbox is not monitored for general recruitment enquiries and should only be used for accessibility or accommodation-related requests (for example related to vision, hearing or neurodiversity).

All requests are confidential and will not affect your candidacy.

Don’t meet every single requirement? At Swift, we are dedicated to building a workplace where people can bring their full selves and ideas to the team, so if you are excited about this role, we encourage you to apply even if you do not meet every single qualification.