Sterlings are partnered with one of the world’s leading financial groups.
As the Bank look to continue to strengthen their global cybersecurity program, they are seeking a highly skilled and forward-thinking Offensive Security - Red Team Lead to help safeguard its organisation against advanced cyber threats.
Role Overview
As the Red Team Lead, you will be responsible for planning, executing, and overseeing adversarial security exercises that assess the banks resilience against real-world attack scenarios. You will build and guide a team of offensive security professionals, partner closely with Blue Team and threat intelligence groups, and ensure the bank maintains a proactive and robust security posture across all critical environments.
Key Responsibilities
* Lead the design and execution of sophisticated red team engagements, including advanced persistent threat (APT) simulations, penetration tests, and social engineering campaigns.
* Develop and maintain a comprehensive red team strategy aligned to security objectives.
* Manage, mentor, and grow a high-performing red team of offensive security specialists.
* Collaborate with Blue Teams, Cyber Defence, and Threat Intelligence to improve detection, response, and overall security maturity.
* Produce clear, actionable reports that highlight vulnerabilities, exploit paths, and recommended mitigations.
* Ensure all red team activities comply with legal, regulatory, and internal governance requirements.
* Stay current on emerging threat actors, techniques, and tools.
* Present findings and recommendations to senior leadership and technical stakeholders.
Required Qualifications
* Extensive experience in offensive security, red teaming, penetration testing, or threat emulation.
* Strong expertise in adversarial techniques, TTPs, and frameworks such as MITRE ATT&CK.
* Proficiency with offensive tooling (C2 frameworks, custom scripts, exploitation frameworks, etc.).
* Demonstrated ability to lead technical teams and manage complex engagements.
* Deep understanding of enterprise networks, cloud environments, and modern defense technologies.
* Relevant certifications such as OSCP, OSCE, OSEP, GIAC GXPN, GREM, or CREST (or equivalent experience).