Cyber Red Team Lead

Location: Hybrid – London

Contract: Approximately 2 Weeks

Day Rate: £700 to £900

Start: Late March / April 2026

SNG is supporting a specialist security consultancy delivering a cyber security assessment and controlled red team engagement for a financial services organisation in London. Following an initial security assessment phase, the organisation will conduct a realistic adversary simulation designed to test its detection capability, security controls and incident response processes. We are seeking an experienced Cyber Red Team Lead to design and coordinate the offensive security exercise and lead the red team operators throughout the engagement. This role requires someone comfortable designing attack paths, simulating real world threat actors and conducting controlled offensive operations within clearly defined rules of engagement.

Role Responsibilities

Adversary Simulation Design

• Design realistic attack scenarios based on known threat actors and attack methodologies

• Identify potential attack paths through reconnaissance and intelligence gathering

• Align the simulation scenarios with vulnerabilities identified during the security assessment phase

• Develop structured attack chains to simulate real world adversary behaviour

Offensive Security Operations

• Conduct external reconnaissance and target discovery

• Simulate initial access techniques where authorised

• Execute Active Directory attacks and privilege escalation techniques

• Conduct lateral movement across environments

• Simulate credential harvesting and persistence techniques

• Conduct controlled data exfiltration simulations

Red Team Leadership

• Lead and coordinate red team operators during the engagement

• Define and enforce the agreed Rules of Engagement

• Ensure all offensive activity remains within authorised scope

• Coordinate with physical security red teams where required

• Manage operational safety controls to prevent disruption to the client environment

Collaboration

• Work closely with the cyber security assessment team

• Coordinate with programme leadership and the Cyber Project Manager

• Provide live updates during the exercise where critical vulnerabilities are discovered

Reporting & Documentation

• Document attack paths and exploited vulnerabilities

• Produce detailed technical findings reports

• Support preparation of the final executive level briefing

• Provide recommendations to improve detection and response capabilities

Required Technical Experience

Candidates should demonstrate strong experience in areas such as:

• Red team engagements or adversary simulation exercises

• Network penetration testing

• Active Directory attacks and privilege escalation techniques

• Credential harvesting and lateral movement

• Post exploitation frameworks and attack tooling

Tools & Platforms

Experience with tools commonly used in offensive security environments including:

Cobalt Strike

Metasploit

BloodHound

Nmap

Burp Suite

PowerShell offensive tooling

OSINT reconnaissance platforms

Backgrounds That Translate Well

Candidates often come from environments such as:

• Offensive security consultancies

• Red team units within cyber security firms

• Specialist penetration testing teams

• Cyber security consulting practices

• Government, military or intelligence cyber teams

Certifications (Preferred)

OSCP

CRTO

CREST CRT

CREST CCT

GPEN

GXPN

Equivalent real world red team experience will also be considered.

Additional Requirements

• UK based and able to travel to London if required

• Eligible for UK security vetting or screening

• Strong communication skills and ability to brief senior stakeholders

• Experience operating within structured Rules of Engagement

Engagement Overview

This role forms part of a multi phase cyber security programme, including:

• Security assessment activities

• Controlled adversary simulation

• Technical and executive reporting

The objective is to simulate realistic threat actor behaviour and evaluate how effectively the organisation can detect and respond to advanced cyber threats.

About SNG

SNG partners with organisations across cybersecurity, defence technology and advanced engineering to support specialist hiring across high trust technical environments.

Security Clearance or BS7858 vetting beneficial.

If this aligns with your experience and you are open to exploring the opportunity, please contact:

Sharissa Gannaway

📧 sharissa@sngrecruitment.com

📞 020 4621 4757 or 07501031993

All enquiries will be handled in strict confidence.