Home Services Methodology Sample Report About Careers Contact
Careers

Red Team Engineer /
Senior Penetration Tester

Full-Time Tri-Cities, WA + Remote (PNW) Senior · 6+ Years Some Travel
← All openings
$120,000 – $160,000
Base salary, depending on experience. Plus performance bonus and benefits (see Compensation below).
Apply for this role →

About the role

Rimrock Security is hiring an experienced red team engineer / senior penetration tester. The role covers external and internal network, web application, and cloud penetration testing, adversary simulation, phishing campaigns, and physical intrusion assessments for clients across the Pacific Northwest, including defense supply chain contractors.

You will scope engagements with clients, perform the testing, validate findings, write the reports, and brief the results. It is a senior, client-facing position with a capped engagement load.

Responsibilities

  • Plan and perform external and internal network, web application, and cloud penetration tests within an agreed scope and rules of engagement.
  • Conduct red team and adversary-simulation engagements: initial access, privilege escalation, lateral movement, and objective completion, with manual validation of findings.
  • Perform physical intrusion assessments and social-engineering / phishing campaigns where scoped.
  • Map findings to NIST 800-171 / CMMC controls and write clear, prioritized reports for technical and executive audiences.
  • Brief clients on results and maintain testing tools and methodology.

Requirements

  • 6+ years of penetration testing or offensive security experience.
  • OSCP required; OSEP, CRTO, OSCE3, GXPN, or equivalent preferred.
  • Proficiency with Active Directory attacks, network and web application exploitation, privilege escalation, and attack-path analysis.
  • Strong written and verbal communication, including client-facing report writing.
  • Authorization-first, ethical operating practices.
  • Authorized to work in the United States.

Preferred qualifications

  • Physical intrusion, lock bypass, RFID, and social-engineering experience.
  • Cloud (AWS / Azure / GCP) and container / Kubernetes testing experience.
  • Tooling and development experience (Python, C#, C, Go) and published research, talks, or CVEs.
  • NIST 800-171 / CMMC familiarity and eligibility for a U.S. security clearance (U.S. person).

Compensation and benefits

  • Base salary $120,000–$160,000, depending on experience.
  • Performance bonus and engagement profit-share.
  • Health coverage and paid time off.
  • Annual training, certification, and equipment budget.
  • Remote-friendly schedule; relocation assistance available.
Apply for this role →