Senior Red Team Analyst
Foundation Risk Partners, one of the fastest growing insurance brokerage and consulting firms in the US, is adding a Senior Red Team Analyst to their team.
This role is fully remote with travel once a quarter to the office in Longwood, FL.
Job Summary:
The Red Team Analyst is responsible for conducting adversary simulation and offensive security testing to evaluate the effectiveness of the organizationâs people, processes, and technology against realâworld threats. This role emulates advanced threat actors using recognized frameworks such as MITRE ATT&CK, with the goal of identifying control gaps, detection blind spots, and response inefficiencies.
This role works independently from dayâtoâday the Blue Team (Security Operations and Security Engineering) partners closely GRC, and executive leadership to provide objective, evidenceâbased assessments that drive continuous improvement in the organizationâs security posture.
Essential Functions:
Adversary Simulation & Red Team Operations
Design and execute red team exercises, including assumed breach, black box, gray box, and purple teamâassisted scenarios.
Emulate realistic threat actor behavior across the kill chain, including reconnaissance, initial access, persistence, privilege escalation, lateral movement, command and control, and exfiltration.
Develop and maintain custom attack techniques and tooling aligned to evolving threat intelligence and MITRE ATT&CK techniques.
Conduct phishing, social engineering, and identity centric attack simulations where authorized.
Detection & Control Validation
Test the effectiveness of preventative, detective, and responsive controls across endpoints, identity, email, network, and cloud environments.
Identify detection gaps and false negatives in security tooling, such as SIEM, XDR, EDR, and identity protection platforms.
Produce measurable outcomes on time to detect (TTD) and time to respond (TTR) to inform operational maturity.
Purple Team Collaboration
Partner with Blue Team to safely validate detections during controlled exercises.
Translate offensive findings into actionable defensive improvements, including detection engineering use cases
Participate in post exercise debriefs and lessons learned sessions.
Reporting & Executive Communication
Produce clear, defensible reports detailing attack paths, findings, blast radius, and business impact.
Map findings to MITRE ATT&CK, NIST CSF, and internal control frameworks to support audit and risk management activities.
Present results to technical teams and executive leadership in a way that balances realism with risk context.
Continuous Improvement
Track remediation progress and validate corrective actions through targeted retesting.
Stay current on emerging threats, red team tooling, and adversary tradecraft.
Contribute to the organizationâs offensive security roadmap and annual testing strategy.
Qualifications:
3â7+ years of experience in offensive security, penetration testing, red teaming, or advanced security engineering.
Strong understanding of Windows, Active Directory, Entra ID, Azure, Microsoft 365, and cloud identity attack paths.
Handsâon experience with red team and offensive tools (e.g., C2 frameworks, custom payloads, phishing infrastructure).
Deep familiarity with the MITRE ATT&CK framework and threatâactorâdriven testing methodologies.
Ability to write clear, highâquality technical reports suitable for auditors and executives.
Preferred Qualifications:
Experience operating in Microsoft Defender, Sentinel, and XDRâcentric environments.
Prior experience supporting SOC 2 Type II, ISO 27001, or similar regulatory and audit programs.
Red team or offensive security certifications such as: o CRTO / CRTO II o OSCP / OSEP / OSED o GWAPT / GXPN.
Background in detection engineering, purple teaming, or incident response.
Key Skills & Competencies:
Adversary mindset with strong ethical grounding.
Excellent documentation and communication skills.
Strong scripting or programming capability (PowerShell, Python, C#, etc.).
Ability to work independently with minimal supervision.
High degree of professionalism when handling sensitive access and findings.
Disclaimer:
While this job description is intended to be an accurate reflection of the job requirements, management reserves the right to modify, add, or remove duties from particular jobs and to assign other duties as necessary.
Equal Employment Opportunity (EEO):
FRP provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or any other classifications protected by law.
Benefits:
FRP offers a comprehensive range of health-related benefit options including medical, vision, and dental. We offer a 401(k) with company match, company paid life insurance, STD, LTD and a generous PTO policy starting at 18 days per year plus 10 paid holidays & 2 floating holidays!
This role is fully remote with travel once a quarter to the office in Longwood, FL.
Job Summary:
The Red Team Analyst is responsible for conducting adversary simulation and offensive security testing to evaluate the effectiveness of the organizationâs people, processes, and technology against realâworld threats. This role emulates advanced threat actors using recognized frameworks such as MITRE ATT&CK, with the goal of identifying control gaps, detection blind spots, and response inefficiencies.
This role works independently from dayâtoâday the Blue Team (Security Operations and Security Engineering) partners closely GRC, and executive leadership to provide objective, evidenceâbased assessments that drive continuous improvement in the organizationâs security posture.
Essential Functions:
Adversary Simulation & Red Team Operations
Design and execute red team exercises, including assumed breach, black box, gray box, and purple teamâassisted scenarios.
Emulate realistic threat actor behavior across the kill chain, including reconnaissance, initial access, persistence, privilege escalation, lateral movement, command and control, and exfiltration.
Develop and maintain custom attack techniques and tooling aligned to evolving threat intelligence and MITRE ATT&CK techniques.
Conduct phishing, social engineering, and identity centric attack simulations where authorized.
Detection & Control Validation
Test the effectiveness of preventative, detective, and responsive controls across endpoints, identity, email, network, and cloud environments.
Identify detection gaps and false negatives in security tooling, such as SIEM, XDR, EDR, and identity protection platforms.
Produce measurable outcomes on time to detect (TTD) and time to respond (TTR) to inform operational maturity.
Purple Team Collaboration
Partner with Blue Team to safely validate detections during controlled exercises.
Translate offensive findings into actionable defensive improvements, including detection engineering use cases
Participate in post exercise debriefs and lessons learned sessions.
Reporting & Executive Communication
Produce clear, defensible reports detailing attack paths, findings, blast radius, and business impact.
Map findings to MITRE ATT&CK, NIST CSF, and internal control frameworks to support audit and risk management activities.
Present results to technical teams and executive leadership in a way that balances realism with risk context.
Continuous Improvement
Track remediation progress and validate corrective actions through targeted retesting.
Stay current on emerging threats, red team tooling, and adversary tradecraft.
Contribute to the organizationâs offensive security roadmap and annual testing strategy.
Qualifications:
3â7+ years of experience in offensive security, penetration testing, red teaming, or advanced security engineering.
Strong understanding of Windows, Active Directory, Entra ID, Azure, Microsoft 365, and cloud identity attack paths.
Handsâon experience with red team and offensive tools (e.g., C2 frameworks, custom payloads, phishing infrastructure).
Deep familiarity with the MITRE ATT&CK framework and threatâactorâdriven testing methodologies.
Ability to write clear, highâquality technical reports suitable for auditors and executives.
Preferred Qualifications:
Experience operating in Microsoft Defender, Sentinel, and XDRâcentric environments.
Prior experience supporting SOC 2 Type II, ISO 27001, or similar regulatory and audit programs.
Red team or offensive security certifications such as: o CRTO / CRTO II o OSCP / OSEP / OSED o GWAPT / GXPN.
Background in detection engineering, purple teaming, or incident response.
Key Skills & Competencies:
Adversary mindset with strong ethical grounding.
Excellent documentation and communication skills.
Strong scripting or programming capability (PowerShell, Python, C#, etc.).
Ability to work independently with minimal supervision.
High degree of professionalism when handling sensitive access and findings.
Disclaimer:
While this job description is intended to be an accurate reflection of the job requirements, management reserves the right to modify, add, or remove duties from particular jobs and to assign other duties as necessary.
Equal Employment Opportunity (EEO):
FRP provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or any other classifications protected by law.
Benefits:
FRP offers a comprehensive range of health-related benefit options including medical, vision, and dental. We offer a 401(k) with company match, company paid life insurance, STD, LTD and a generous PTO policy starting at 18 days per year plus 10 paid holidays & 2 floating holidays!