Sr. Red Team Specialist

About the role

Job Description: Building trusted markets - powered by our people At Cboe Global Markets, we inspire our people to solve complex challenges together because what we do matters. We provide the financial infrastructure that powers the global economy. As a leading provider of market infrastructure and tradable products, Cboe delivers cutting-edge trading, clearing and investment solutions to market participants around the world. We're building meaningful ways to support professional and personal development while strengthening the trust we've earned as a global market leader. Our teams are empowered to share ideas, actively pursue them and bring on a challenge. As champions of internal mobility and access to opportunity, we encourage our people to "go for it" and equip our managers with the training to coach their teams to the next level. We strive to provide employees a safe space to network, share ideas and create opportunities. To support strong partnership and team connection, this role follows a four day in office work model. Location Overview Cboe HQ is located in the historic Old Post Office district, i t' s a landmark that blends classic architecture with modern amenities. The building features expansive spaces with high ceilings and large windows, offering an abundance of natural light and panoramic views of the city skyline and the Chicago River. With its prime location in the heart of downtown, the OPO Building provides easy access to major transportation hubs, including Union Station and multiple CTA lines, making it convenient for commuters. The building is home to a variety of amenities, including restaurants, a fitness center, and collaborative workspaces, creating a vibrant and dynamic work environment in one of Chicago's most iconic areas. Role Overview The Security Operations team is hiring a Senior Red Team Specialist. The Senior Red Team Specialist is a highly skilled individual contributor within the Security Operations organization, responsible for planning and executing advanced offensive security operations that emulate real‑world adversaries and rigorously test enterprise security controls. This role is deeply technical and hands‑on, with active engagement across endpoint, identity, cloud, SaaS, network, and application environments. This position partners closely with Detection Engineering, Threat Hunting, Incident Response, and Purple Team functions to ensure red team engagements drive measurable improvements in detection coverage, response effectiveness, and overall defensive posture. While the role does not own enterprise‑wide red team strategy, it plays a key role in shaping red team tactics, tooling, and execution standards, and in translating offensive findings into actionable defensive outcomes. Your responsibilities will be: Executing adversary emulation and red team engagements aligned to real‑world threat actor techniques and objectives Performing hands‑on offensive operations, including initial access, persistence, privilege escalation, lateral movement, and command‑and‑control Developing, maintaining, and safely using custom red team tooling, scripts, and techniques Working closely with detection and threat hunting teams to validate detections and response effectiveness during red and purple team exercises Assisting in the design and execution of assumed breach scenarios and multi‑stage attack chains Identifying control gaps, detection blind spots, and architectural weaknesses across enterprise environments Supporting incident response teams during complex investigations by providing attacker tradecraft insight Producing clear, actionable reporting that translates technical findings into operationally relevant recommendations Contributing to the improvement of red team processes, safety controls, and engagement playbooks Mentoring junior analysts and contributing to skills development across the security operations team The ideal candidate has 5+ years of experience in red teaming, penetration testing, or offensive security, with demonstrated hands‑on impact Bachelor's degree or equivalent practical experience Strong knowledge of attacker tradecraft and TTPs across modern enterprise environments Hands‑on experience attacking and evading controls in endpoint, identity, cloud, and hybrid infrastructures Working understanding of defensive security technologies, such as EDR, SIEM, identity protection, and cloud security controls Experience collaborating in purple team exercises and adapting techniques based on detection feedback Ability to independently plan and execute offensive tasks within a defined engagement scope Strong written and verbal communication skills, including technical documentation and reporting High ethical standards and experience operating within defined rules of engagement You'll really stand out with : Experience executing threat‑intelligence‑informed adversary emulation, not just vulnerability‑driven testing A track record