Senior Red Teamer

Location: Israel

E.V.A. Information Security helps clients grow by leveraging modern technology and creating a safe future. We specialize in simulating real-world cyber adversaries to test and improve the resilience of our clients’ environments.

This is a hybrid & remote role for a Red Team Researcher.

Role Overview

You will be part of a highly skilled research team focused on developing and executing advanced offensive techniques. Your work will involve simulating sophisticated adversaries in both initial-access and zero-access scenarios, escalating privileges, performing lateral movement, and bypassing modern defenses across enterprise and hybrid environments.

Beyond operations, you will conduct in-depth security research, building and testing custom offensive tools (C2 frameworks, implants, and evasion techniques), and uncover new attack surfaces, ranging from enterprise infrastructure and Active Directory to wireless and cloud-native systems.

Key Responsibilities

• Research and develop offensive security techniques, tools, and methodologies
• Execute realistic adversary simulations (phishing, social engineering, external-to-internal compromise, supply chain style attacks)
• Design and test new methods of persistence, privilege escalation, and lateral movement
• Identify and bypass modern defensive technologies.
• Explore novel attack vectors in enterprise, wireless, and cloud environments
• Document findings with clear, actionable reports and knowledge sharing within the team
• Contribute research to the broader security community (optional but encouraged)

Qualifications

• Proven experience in Red Team, offensive security, or related research roles
• Strong expertise in initial foothold techniques and privilege escalation in on-prem environments
• Experience with zero-access scenarios (external-to-internal compromise, phishing, social engineering, supply chain)
• Proficiency in Active Directory exploitation, lateral movement, and persistence techniques
• Solid knowledge of bypassing modern security controls (EDR/AV, MFA/OTP, firewalls, monitoring systems)
• Hands-on experience with networking and infrastructure exploitation
• Strong self-management, problem-solving, and communication skills (Hebrew & English)

Nice to Have

• Advanced offensive security certifications (OSCP, OSEP, OSCE3, CRTP, CRTE, eCPTX, etc.).
• Development of offensive tooling (C2 frameworks, implants, evasion frameworks).
• Experience with cloud attack techniques (AWS, Azure, GCP)
• Experience in full-scope red team or adversary emulation exercises.
• Ability to execute social engineering or physical security testing safely and ethically.