Senior Red Team Operator

Benefits

Additional Information

Senior Red Team Operator A role in the Global CISO Office that's as much about breaking things as it is about building resilience. Are you passionate about cybersecurity and driven by an adversarial mindset? Do you want to test a global financial institution against sophisticated, real-world threats? As a Senior Red Team Operator at ING, you will be part of a hands-on team focused on strengthening the bank's security posture. We think like a criminal to test our people, processes, and technology on a global scale. Your mission will be to simulate the tactics, techniques, and procedures (TTPs) of advanced threat actors, providing critical assurance to the business and its leadership. This is not a standard penetration testing role. We are looking for a specialist in red teaming who can plan and execute long-term, intelligence-led campaigns while maintaining exceptional operational security (OPSEC). The team You will join the Spain-based red team, a highly specialized, multicultural group of experts with a proven track record in cybersecurity. As part of the Tribe Cyber Threat Management (CTM), we have a hands-on approach and focus on the constant evolution of our skills through research and on-the-job experience. We are a crucial part of the CISO office, and our work directly influences ING's global security strategy. We help each other to be successful and live by the Orange Behaviours. Roles and responsibilities Lead advanced red team engagements. Design and conduct complex, long-run red team campaigns that mirror the sophistication of top-tier, intelligence-led exercises. You will test our global enterprise, including on-premise, cloud (Azure, Google Cloud), and hybrid environments. Execute the full attack lifecycle. Run objective-driven, end-to-end red team campaigns, from initial access to data exfiltration, while employing stealth to evade our Blue Team. Develop and maintain red team infrastructure. Build, operate, and customize the team's command-and-control (C2) infrastructure. You will be expected to go beyond using standard tools like Cobalt Strike or Sliver, developing bespoke capabilities to ensure operational success. Drive defensive improvements through purple teaming. Partner directly with our SOC and defensive teams in collaborative purple team exercises to tune detection rules, improve playbooks, and enhance ING's defensive capabilities. Develop custom tooling to bypass advanced defences. Research emerging TTPs and create your own tools, implants, and loaders in languages like C++, C#, or Go to bypass modern security controls like EDR and application allow-listing. Deliver actionable insights to the business. Author comprehensive, narrative-style reports that translate complex technical findings into clear, actionable recommendations for executive stakeholders. How to succeed We're looking for someone who not only has the technical skills but also embodies the Orange Behaviours. You take it on and make it happen. You have a proactive, hands-on mentality and take ownership of complex campaigns from planning to execution. You are relentlessly curious and driven to find new ways to challenge our defences. You help others to be successful. You are a natural collaborator, eager to share your expertise in purple team exercises and mentor junior operators. You thrive in a team environment where knowledge sharing is key to everyone's growth. You are always a step ahead. You have a forward-thinking mindset, constantly researching emerging threats and developing novel tools to stay ahead of the curve. You don't wait for instructions; you anticipate future challenges and build the solutions for them. What are we looking for? Want to know if this job is made for you? These are some of the qualities that we value the most for this role. And if the shoe fits... don't hesitate to apply! 5+ years of hands-on experience in a dedicated red team role. Strong development skills in at least one low-level language (e.g., C++, C#, Go, Rust) for custom tool development, and proficiency in a scripting language (e.g., Python, PowerShell). Deep experience attacking complex enterprise environments, including Active Directory and major cloud providers (Azure, AWS, GCP). A strong Operational Security (OPSEC) mindset with a proven ability to conduct covert, objective-driven operations. Advanced offensive security certifications, such as OSEP, OSCE/OSEE, CREST CCSAS, GXPN, or CRTO, are a significant plus. You are fluent in English, both verbally and in writing. What do we offer? The time you spend at work, the challenges you face or the lessons you get are very important, but... What about your personal life? At ING we want your work to fulfill you in every way, and that is why we take care of even the smallest details. Check out what is waiting for you! Be flexible my friend. Our model is all about flexibility and accountability. Keeping both our customers and our colleagues needs in mind, you determine together which da

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at ing? Share your experience