Senior Red Teamer

Nelnet is a diversified and innovative company committed to enriching lives through the power of service as a student loan servicer professional services company consumer loan originator and servicer payments processor renewable energy solutions and K-12 and higher education expert. For over 40 years Nelnet has been serving its customers associates and communities.

The perks of working at Nelnet go beyond our benefits package. When you join the Nelnet team youre part of a community invested in the success of each individual. That support comes through in our work as we are united by our mission of creating opportunities for people where they live learn and work.

Job Description

• Own and contribute to the full lifecycle of red team engagements - including scoping rules of engagement definition threat modeling operational planning execution deconfliction and post-engagement reporting - across external network assumed breach and purple team scenarios. Ensure engagements are structured documented and executed in alignment with program standards and organizational risk appetite
• Conduct advanced penetration testing and adversary simulation across all technical and physical attack surfaces including web applications APIs servers network infrastructure cloud environments (IaaS SaaS PaaS) Windows Active Directory mobile applications and physical access controls. Apply real-world attacker techniques and scenario-based targeting to maximize engagement fidelity and operational value.
• Develop and maintain custom offensive tooling exploits payloads and evasion techniques to support engagements and reduce reliance on commodity or signature-based tooling. Maintain awareness of current defensive countermeasures and adapt tooling accordingly to reflect realistic threat actor behavior.
• Research and operationalize current and emerging threat actor TTPs tracking adversary tradecraft across open-source intelligence threat reports and industry research. Translate findings into engagement scenarios attack chains and internal playbooks that reflect the threat landscape relevant to Nelnets business and industry.
• Provide technical mentorship and guidance to junior red team practitioners - including work review knowledge transfer and participation in internal training documentation and skills development initiatives. Contribute to team capability growth through consistent structured technical engagements with less senior staff.
• Collaborate with blue team SOC and defensive stakeholders to validate detection and response capabilities support purple team exercises and deliver actionable feedback on detection gaps alert fidelity and defensive control effectiveness. Approach these engagements with a shared-outcome mindset that improves the organizations overall security posture.
• Author technically rigorous well-structured reports that document engagement objectives methodology findings attack paths and evidence with clear risk ratings and prioritized remediation guidance. Produce executive-level summaries that convey security risk in business-relevant terms without sacrificing technical accuracy.
• Contribute to the development and ongoing refinement of red team program materials - including engagement frameworks methodology documentation internal playbooks and capability roadmaps - to support program maturity consistency and scalability over time.
• Prepare and deliver briefings on red team findings and program activity and security risk to technical leads security leadership and executive stakeholders as appropriate. Communicate complex offensive security concepts clearly and with appropriate context for each audience.

Education

Knowledge equivalent to the completion of a Bachelors degree in Computer Science Information Security or a related field of study or equivalent demonstrated professional experience.

Experience

• 58 years of hands-on experience in a penetration testing or red team role or equivalent offensive security experience

• Demonstrated experience leading red team engagements across multiple domains (network cloud Active Directory web applications physical)

• Demonstrated experience developing custom offensive tooling scripts or capabilities (PowerShell Python C/C C# Bash or similar)

• Demonstrated experience operating and customizing command and control (C2) frameworks (e.g. Cobalt Strike Havoc Sliver or equivalent)

• Experience communicating risk clearly and effectively to both engineering teams and non-technical management

• Experience producing high-quality technical and executive-level written reports

• Active industry certifications required; advanced offensive security certifications preferred (OSCP OSED CRTO CRTE or equivalent)

Competencies Skills / Knowledge / Abilities

Needs:

• Deep expertise in penetration testing methodologies across all relevant domains: web applications APIs network infrastructure cloud environments and Windows Active Directory

• Deep expertise with offensive security tooling across the same domains; ability to extend modify or replace tools as operational requirements demand

• Demonstrated experience with command and control frameworks deployment customization and operational use

• Demonstrated knowledge of the MITRE ATT&CK framework and the ability to map engagement activity to current threat actor methodologies

• Demonstrated experience developing attack plans for varied red team scenarios including external network assumed breach and purple team exercises

• Demonstrated experience with EDR firewall IDS/IPS and AV evasion techniques

• Working knowledge of cyber defense capabilities SOC workflows and detection logic; ability to evaluate and challenge existing detection coverage

• Knowledge of indicators of compromise associated with common offensive tools and techniques

• Proficiency in scripting and development (PowerShell Python Bash C/C C# or equivalent) with the ability to produce functional operationally relevant code

• Familiarity with vulnerability classification frameworks (e.g. CVSS OWASP Top 10 CVE)

• Solid understanding of infrastructure deployment and systems administration in both on-premises and cloud environments

• Solid understanding of Windows Active Directory architecture and associated attack paths (e.g. Kerberoasting ACL abuse lateral movement)

• Solid understanding of Linux operating systems and common exploitation techniques

• Familiarity with IT regulatory frameworks and compliance requirements as they apply to offensive testing scope and rules of engagement

• Strong organizational written verbal and presentation skills; ability to tailor communication style to audience

• Ability to assess and communicate risk at appropriate levels of urgency to both technical teams and leadership

• Demonstrated ability to operate independently manage engagement timelines and deliver results without close supervision

Wants:

• Experience with reverse engineering methodologies and tools (e.g. Ghidra IDA x64dbg)

• Familiarity with forensic methodologies and tools as applied to post-engagement analysis or adversary simulation fidelity

• Experience contributing to or publishing offensive security research tooling or tradecraft (internal or external)

• Experience designing or contributing to red team program development playbooks engagement frameworks metrics or capability roadmaps

• Prior experience in a formal mentorship or technical lead capacity within a security team

Pay range for this role is: $110-160k

Please note that we are unable to provide visa sponsorship for this position. To be considered candidates must already be authorized to work in the United States without the need for current or future sponsorship.

Our benefits package includes medical dental vision HSA and FSA generous earned time off 401K/student loan repayment life insurance & AD&D insurance employee assistance program employee stock purchase program tuition reimbursement performance-based incentive pay short- and long-term disability and a robust wellness program. Click here to learn more about our benefits: LINK.

Nelnet is committed to providing a welcoming and respectful workplace where all associates have the opportunity to succeed. As an Equal Opportunity Employer we ensure that all qualified applicants are considered for employment. Employment decisions are made without regard to race color religion/creed national origin gender sex marital status age disability use of a guide dog or service animal sexual orientation military/veteran status or any other status protected by federal state or local law. We value the unique contributions of every team member and believe that a positive work environment benefits everyone.

Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Corporate Recruiting at or.

Nelnet is a Drug Free and Tobacco Free Workplace.