Associate Director, Adversary Simulation

Core Responsibilities 

Team Leadership & Development 

• Lead and develop high-performing Red Team and BAS engineering teams 

• Conduct regular 1:1 meeting and provide career development guidance for staff 

• Manage performance through goal setting, feedback, mid-year check-ins, yearly performance reviews, and professional growth planning 

• Foster a collaborative culture that promotes technical excellence, customer success, and continuous learning 

• Support hiring new team members with appropriate technical and cultural fit 

Technical Program Management 

• Red Team Operations: Lead engagement planning, including stakeholder requirements gathering, target environment identification, risk-based prioritization, and exercise objective setting. Coordinate with Red Team operators to translate business security concerns into realistic scenarios prioritized according to available cyber threat intelligence. Provide weekly updates to CTS leadership during execution to ensure alignment with objectives, progress tracking, and address any escalation needs. 

• BAS Program Management: Strategic oversight of program delivery through the BAS Lead, focusing on capability maturation, stakeholder alignment, and resource allocation. Coordinate high-level program direction while delegating detailed technical planning and execution to the BAS Lead. 

• Coordinate with stakeholders to align adversary simulation activities with organizational security priorities. 

• Ensure the technical quality of all offensive security deliverables, including findings risk documentation for batch inclusion into the systems of record, reporting deliverables like presentations for stakeholders, and reports detailing the attack narratives and methodologies. 

• Cross-Program Coordination: Ensure collaboration, where possible, between Red Team exercises and BAS simulations to maximize organizational security testing coverage, avoid duplication of effort, and create repeatability and scalability of testing efforts (e.g., a Discovery technique that successful in a covert Red Team Campaign is converted to a repeatable BAS test case that the BAS platform programmatically executes across all environments for continuous validation). 

• Focus on strategic coordination and stakeholder alignment while delegating technical execution and detailed operational planning to respective team leads and operators. 

• Drive innovation in adversarial simulation techniques and tooling. 

Strategic Planning & Execution 

• Develop and execute a program strategy for adversary simulation capabilities aligned with business objectives, spanning the next 12 to 18 months. 

• Manage project timelines and resource allocation across multiple concurrent engagements. 

• Coordinate cross-functional collaboration with other CTS teams and organizational stakeholders, as well as teams in different organizations (e.g., internal collaboration with the Bug Bounty program or external collaboration with the Domain Administrators team, company subsidiaries, or other Red Teams in industry when discussing tradecraft and strategies to navigate organizational dynamics). 

• Establish metrics and KPIs for measuring program effectiveness and team performance. 

• Support incident response activities with an adversarial perspective and technical expertise or deconfliction requests to address questions like “is this the Red Team?”. 

Stakeholder Engagement 

• Collaborate with the Enterprise Information Protection (EIP) organization on strategic security initiatives and threat landscape assessment. 

• Familiar with campaign/engagement findings and support communication of recommendations to executive leadership and stakeholders. 

• Interface with external partners, including vendors, industry groups, and service providers supporting our mission. 

• Support business unit engagement through technical consultation, fielding intake requests (e.g., “Can the Red Team test this?”), and security awareness. 

Required Qualifications 

Leadership Experience 

• 3-5 years of management experience leading technical teams in cybersecurity or a related field 

• Proven track record of developing high-performing technical professionals. 

• Demonstrated ability to manage complex projects with multiple stakeholders and competing priorities. 

• Experience building and scaling technical programs and capabilities. 

Technical Expertise 

• 5-7 years of hands-on experience in offensive security, penetration testing, red team operations, or Breach and Attack Simulation (BAS). 

• Deep understanding of adversarial tactics, techniques, and procedures (TTPs). 

• Proficiency with red team tools, including C2 and Social Engineering frameworks, exploitation tools, and custom payload development. 

• Knowledge of enterprise security technologies and architecture patterns, and their potential vulnerabilities and bypasses. 

• Understanding of threat intelligence and attack lifecycle methodologies. 

Project Management 

• Program management experience coordinating multiple concurrent security assessments or technical projects. 

• Resource planning and allocation skills for technical teams and project deliverables. 

• Risk management capabilities for complex technical operations. 

• Vendor management experience with security service providers and technology partners. 

Preferred Qualifications 

Advanced Technical Skills 

• Malware development and analysis capabilities. 

• Cloud security expertise (AWS, Azure, GCP) with a focus on offensive techniques. 

• Active Directory and enterprise infrastructure attack methodologies. 

• Scripting and automation skills (Python, PowerShell, Bash) for operational efficiency. 

Certifications & Education 

• Advanced certifications like OSCE3, CRTL, CRTM, and OSEE are preferred. 

• Continuous learning through industry training and conference participation. 

Industry Experience 

• Enterprise environment experience with large-scale red team operations. 

• Regulatory compliance knowledge relevant to adversary simulation (SOX, PCI, HIPAA). 

• Consulting or managed services background with client-facing technical communication. 

• Cross-functional collaboration with IT, compliance, and business stakeholders. 

Compensation & Benefits 

• Competitive salary commensurate with experience and technical expertise. 

• Performance-based incentives. 

• Comprehensive benefits package including health, dental, vision, and retirement planning. 

• Professional development opportunities, including tuition assistance, conference attendance, training, and certification support. 

• Flexible work arrangements support work-life balance and professional effectiveness. 

Additional Information:

This role offers the opportunity to lead cutting-edge offensive security capabilities while developing exceptional technical talent in a dynamic, growth-oriented environment. The ideal candidate combines deep technical expertise with proven leadership skills and strategic business acumen. 

WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense. A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required.   Satellite and Wireless Internet service is NOT allowed for this role. A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information