Senior IT Security Analyst - Red Team

About the role

As the Senior IT Security Analyst, you will lead objective-based assessments that simulate realistic adversary behaviors in a controlled, authorized manner. In this role, you will be required to demonstrate senior proficiency in assessment planning, stakeholder coordination, evidence-based reporting, risk communication, and collaboration with defensive teams to improve detection, response, and remediation outcomes. Your role will also include interfacing with internal business unit IT representatives and stakeholders at all levels during performance of your duties.

Responsibilities

• Lead the planning, scoping, execution, reporting, and remediation tracking for senior red team assessments across Wolters Kluwer environments
• Design assessment objectives, rules of engagement, success criteria, and safety controls in partnership with CTC leadership, business units, legal, privacy, and technology stakeholders
• Conduct authorized red team assessments that evaluate enterprise resilience across applications, infrastructure, identity, cloud, endpoint, network, and security monitoring capabilities
• Perform adversary emulation and threat-informed control validation aligned to relevant frameworks such as MITRE ATT&CK, internal risk priorities, and current threat intelligence
• Translate red team findings into clear risk narratives, prioritized remediation actions, and executive-ready summaries for technical and non-technical audiences
• Partner with blue team, SOC, incident response, vulnerability management, and engineering teams to validate detection coverage and improve response playbooks
• Coordinate assessment logistics, communications, evidence handling, stakeholder briefings, and after-action reviews to ensure assessments are well governed and repeatable
• Mentor and guide junior and mid-level security analysts on red team assessment methodology, documentation quality, operational discipline, and professional conduct
• Identify systemic security themes from assessment results and recommend improvements to reduce enterprise attack paths and business risk
• Support remediation validation by retesting agreed findings and confirming that corrective actions address root causes rather than symptoms
• Maintain awareness of emerging attacker techniques, defensive countermeasures, and security assessment approaches relevant to WK technology environments
• Collaborate with threat intelligence teams to convert relevant threat information into realistic, controlled assessment scenarios
• Advise on technology solution implementation, security control selection, and monitoring/reporting of assessment outcomes and control performance
• Provide input based on policies, standards, and management guidance, and recommend improvements to red team operating procedures
• Complete work in an accurate, ethical, and controlled manner to meet Wolters Kluwer strategic security objectives
• Contribute to metrics, key performance indicators, trend analysis, and reporting that communicate red team assessment coverage, findings, risk reduction, and remediation progress
• Assist with secure configuration, hardening, and remediation discussions when red team findings identify control gaps or exploitable attack paths
• Respond to audit, regulatory, and customer inquiries by explaining red team assessment scope, methodology, governance, and security improvement outcomes as appropriate
• Work with business units to understand environment-specific risk, align assessment objectives to business priorities, and properly address identified security gaps
• Ensure red team work is compliant with WK enterprise policies, procedures, authorization requirements, and the CTC strategic plan
• Assist in the operationalization of new red team capabilities, assessment tooling, reporting templates, and continuous improvement processes
• Conduct training and knowledge-sharing sessions with other team members and cross-functional security partners
• Support incident response and investigation activities, as directed, by providing assessment context, attack-path analysis, and recommendations based on solid security principles
• Develop threat- and assessment-related communications that help improve WK security situational awareness, detection readiness, and resilience

Requirements

• Strong understanding of security principles including confidentiality, integrity, availability, access control, authentication, authorization, privacy, and non-repudiation
• Strong understanding of red team concepts, adversary emulation, control validation, detection engineering collaboration, and enterprise attack surface management.
• Experience planning and conducting authorized red team assessments across applications, infrastructure, cloud, identity, endpoint, and network environments
• Experience with offensive security assessment tools, scripting, safe testing practices, evidence capture, and repeatable documentation methodologies
• Understanding of common vulnerabilities, misconfigurations, attack paths, and control gap

Benefits

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at wk? Share your experience