Red teams help organisations avoid real-world cyber attacks by taking an attacker-like approach when testing security and detecting vulnerabilities. Red team exercises, run as operations based on realistic threats, are therefore vital to detecting, preventing and remediating attacks.
There's a multitude of reasons to choose a career in offensive security, including delving into exciting challenges that consistently evolve and keep you on your toes, impressive job satisfaction rates, a wealth of learning capabilities, boundless career opportunities and a competitive salary. It’s a great place to be!
If you are interested in challenging organisations' security controls and threat intelligence, red teaming could be a career opportunity for you!
Red Team Engineers / Operators
Red Team Engineers (also known as Red Team Operators) are critically important in exploring the tactics, techniques, and procedures attackers use to infiltrate IT systems and stay under the radar in covert operations.
Posing as cyber criminals and emulating malicious attacks, red teams adopt an attacker mindset when testing security and detecting vulnerabilities - placing your organisation as close to a real security incident as possible to test incident response accurately.
Red teams must maintain oversight of blue team actions in order to gain visibility of both threat and defence strategies. This rule also applies to blue teams, who should understand how offensive security works and how attackers operate in order to arm the defence.
The responsibilities of red teamers are rich and diverse, in keeping with the turbulent (and exciting!), consistently evolving nature of the industry. Some of the responsibilities you can expect to adopt are:
- Emulate the role of a threat actor to uncover exploitable vulnerabilities
- Maintain access and avoid detection by blue teams without triggering alarms
- Assess organisations' security controls, threat intelligence, and incident response procedures
- Evaluate findings and report insights with actionable data so companies can avoid real-world attacks
- Identify new open source project opportunities and internal tooling needs
- Identify areas of process improvement within the red team
- Collaborate closely with defensive and infrastructure teams
- Compose detailed reports of red team operations, including goals, outcomes, observations and suggestions for improvement
Penetration Tester
Penetration Testers create new testing methods to identify vulnerabilities while performing penetration tests on computer systems, networks and applications.
To learn how to exploit systems, it’s vital to understand various aspects of information security, including web applications, networks and sometimes even low-level technology such as assembly.
Red teaming is more complex than penetration testing, although both share the ultimate goal of testing an organisation's security posture using adversarial tactics.
(To find out more, check out our interview with Ben, TryHackMe’s very own Penetration Tester and Content Engineer!)
- Perform penetration tests on networks, applications and computer systems
- Perform physical security assessments to identify vulnerabilities
- Identify attacker entry points used to exploit vulnerabilities and weaknesses
- Identify areas needed for improved awareness and education
- Identify improvements for existing security solutions (policies, hardware, software, etc.)
- Research, document and discuss findings
- Review and provide feedback for security fixes
- Create new testing methods to identify vulnerabilities
- Keep updated on the latest malware and security threats
Red Team Manager
Red Team Managers are responsible for all day-to-day oversight, including the development, installation, configuration, maintenance, operations and exercises within a red team.
Leading a team of technical red teamers, Red Team Managers must coach and provide ongoing support to red team members as the lead project managers for all offensive engagements.
- Lead discussions and delivery of advanced security testing
- Provide input on security architecture, issues, and features
- Drive implementation of security process improvements
- Deliver and present operation findings to relevant stakeholders
- Hire security engineers to work within red teams
Red Team Salaries
Depending on experience, you can earn anything from £31,595 for entry-level positions through to over £110,000 as you progress. An average salary sits at around £70,000 (approximately $80,000).
Red team salaries are highly competitive and can be significant with experience. With the workforce skills gap, there's never been a better time to get into red teaming!
Explore TryHackMe’s new, technical Red Team Pathway
TryHackMe's learning paths will give you the fundamental technical knowledge to support you with complex and highly specialised developmental training labs in real-world, hands-on environments.
We teach cyber security in practice - where you can hack and defend virtual machines in a real-world environment to get realistic, transferable skills in entirely safe surroundings.