[Hiring] Senior Red Teamer @Nelnet

Role Description

Nelnet's Senior Red Teamers are responsible for planning and executing full-scope offensive security engagements that simulate advanced persistent threats against the enterprise. This role encompasses end-to-end red team engagement lifecycle ownership, custom tooling development, and the advancement of internal TTPs to reflect the current threat landscape. The Senior Red Teamer serves as a technical authority within the Offensive Operations team, providing mentorship and technical guidance to junior practitioners and contributing to the maturation of the Red Team program. This is an individual contributor role with technical leadership responsibilities; it does not include direct reports or people management.

• Own and contribute to the full lifecycle of red team engagements, including scoping, rules of engagement definition, threat modeling, operational planning, execution, deconfliction, and post-engagement reporting.
• Conduct advanced penetration testing and adversary simulation across all technical and physical attack surfaces, including web applications, APIs, servers, network infrastructure, cloud environments, Windows Active Directory, mobile applications, and physical access controls.
• Develop and maintain custom offensive tooling, exploits, payloads, and evasion techniques to support engagements.
• Research and operationalize current and emerging threat actor TTPs, translating findings into engagement scenarios, attack chains, and internal playbooks.
• Provide technical mentorship and guidance to junior red team practitioners.
• Collaborate with blue team, SOC, and defensive stakeholders to validate detection and response capabilities.
• Author technically rigorous, well-structured reports documenting engagement objectives, methodology, findings, attack paths, and evidence.
• Contribute to the development and ongoing refinement of red team program materials.
• Prepare and deliver briefings on red team findings and program activity to technical leads and executive stakeholders.

Qualifications

• Knowledge equivalent to the completion of a Bachelor's degree in Computer Science, Information Security, or a related field of study — or equivalent demonstrated professional experience.
• 5–8 years of hands-on experience in a penetration testing or red team role, or equivalent offensive security experience.
• Demonstrated experience leading red team engagements across multiple domains (network, cloud, Active Directory, web applications, physical).
• Demonstrated experience developing custom offensive tooling, scripts, or capabilities (PowerShell, Python, C/C++, C#, Bash, or similar).
• Demonstrated experience operating and customizing command and control (C2) frameworks (e.g., Cobalt Strike, Havoc, Sliver, or equivalent).
• Experience communicating risk clearly and effectively to both engineering teams and non-technical management.
• Experience producing high-quality technical and executive-level written reports.
• Active industry certifications required; advanced offensive security certifications preferred (OSCP, OSED, CRTO, CRTE, or equivalent).

Requirements

• Deep expertise in penetration testing methodologies across all relevant domains.
• Deep expertise with offensive security tooling across the same domains.
• Demonstrated experience with command and control frameworks — deployment, customization, and operational use.
• Demonstrated knowledge of the MITRE ATT&CK framework.
• Demonstrated experience developing attack plans for varied red team scenarios.
• Demonstrated experience with EDR, firewall, IDS/IPS, and AV evasion techniques.
• Working knowledge of cyber defense capabilities, SOC workflows, and detection logic.
• Knowledge of indicators of compromise associated with common offensive tools and techniques.
• Proficiency in scripting and development (PowerShell, Python, Bash, C/C++, C#, or equivalent).
• Familiarity with vulnerability classification frameworks (e.g., CVSS, OWASP Top 10, CVE).
• Solid understanding of infrastructure deployment and systems administration in both on-premises and cloud environments.
• Solid understanding of Windows Active Directory architecture and associated attack paths.
• Solid understanding of Linux operating systems and common exploitation techniques.
• Familiarity with IT regulatory frameworks and compliance requirements.
• Strong organizational, written, verbal, and presentation skills.
• Ability to assess and communicate risk at appropriate levels of urgency.
• Demonstrated ability to operate independently and manage engagement timelines.

Benefits

• Medical, dental, vision, HSA and FSA.
• Generous earned time off.
• 401K/student loan repayment.
• Life insurance & AD&D insurance.
• Employee assistance program.
• Employee stock purchase program.
• Tuition reimbursement.
• Performance-based incentive pay.
• Short- and long-term disability.
• Robust wellness program.