Direct message the job poster from LanceSoft, Inc. Recruitment Manager (Hiring for both USA and Canada) We are seeking a highly skilled Senior Red Team Operator / Penetration Tester / Vulnerability Researcher to lead advanced offensive security engagements. This role requires a deep understanding of adversarial tactics, vulnerability research, and real-world attack simulation. The ideal candidate will have a strong background in red teaming, exploit development, Active Directory attacks, cloud security assessments, and adversary emulation. As a senior member of the offensive security team, you will design and execute advanced cyberattack simulations, identify and exploit security weaknesses, and provide actionable intelligence to improve security defenses. You will also contribute to vulnerability research, tooling development, and innovation in offensive security techniques. Key Responsibilities Red Team Operations & Penetration Testing Lead full-scope red team engagements, including initial access, lateral movement, persistence, and impact simulation. Execute internal/external network penetration tests, cloud security assessments, and Active Directory attacks. Bypass modern endpoint detection & response (EDR), SIEMs, and other defensive security controls. Simulate APT (Advanced Persistent Threat) techniques based on frameworks like MITRE ATT&CK and TIBER-EU. Conduct phishing, social engineering, and physical security assessments. Vulnerability Research & Exploit Development Identify and exploit zero-day and N-day vulnerabilities in software, hardware, and enterprise environments. Reverse engineer applications, binaries, and firmware to discover security flaws. Develop custom proof-of-concept (PoC) exploits and offensive security tooling. Research kernel exploits, privilege escalation techniques, and sandbox evasion. Publish public CVEs and contribute to the security research community. Build custom red team tools, C2 frameworks, and evasion techniques. Enhance automation for offensive security testing using Python, PowerShell, C, Rust, or Golang. Maintain and expand internal exploit repositories and attack simulation frameworks. Contribute to open-source offensive security projects. Provide detailed technical reports on security findings, attack paths, and remediation strategies. Work closely with blue teams, SOCs, and threat intelligence teams to improve detection and response capabilities. Present research and red team findings to executives, security leaders, and technical teams. Required Qualifications 5+ years of hands-on experience in red teaming, penetration testing, or vulnerability research. Expert knowledge of Windows, Linux, Active Directory, and cloud environments (AWS, Azure, GCP). Strong experience with C2 frameworks (Cobalt Strike, Mythic, Sliver, Havoc, Brute Ratel, etc.). Deep understanding of offensive security techniques, EDR evasion, and persistence mechanisms. Proficiency in scripting/programming (Python, C, C++, Rust, PowerShell, Bash, or Golang). Experience with reverse engineering (IDA Pro, Ghidra, Binary Ninja) and exploit development. Knowledge of memory corruption vulnerabilities (buffer overflows, ROP, format string exploits, etc.). Expertise in MITRE ATT&CK, TTPs of advanced threat actors, and adversary simulation. Strong analytical, problem-solving, and critical-thinking skills. Preferred Qualifications Published CVEs or security research contributions. Experience conducting red team engagements in highly regulated environments (financial, healthcare, government). Familiarity with cloud-native attack techniques and container security (Kubernetes, Docker, Azure AD). Experience with hardware security research, RFID cloning, or physical security bypass techniques. Certifications such as OSCE, OSEP, CRTO, OSCP, OSED, or equivalent experience. Comments: ideal candidate would have OSEE, OSEP, OSCP, hands on experience bypassing EDR Seniority level Seniority level Mid-Senior level Employment type Employment type Contract Job function Job function Information Technology Industries IT Services and IT Consulting Referrals increase your chances of interviewing at LanceSoft, Inc. by 2x Get notified about new Penetration Tester jobs in Colombia . Bogota, D.C., Capital District, Colombia 1 week ago Bogota, D.C., Capital District, Colombia 2 weeks ago Bogota, D.C., Capital District, Colombia 6 days ago Bogota, D.C., Capital District, Colombia 1 month ago Security Operations Analyst - Latin America Bogota, D.C., Capital District, Colombia 3 days ago Cyber Defense Engineer, Contract Capabilities Bogota, D.C., Capital District, Colombia 1 week ago Cyber Defense Engineer, Contract Capabilities Linux Cryptography and Security Engineer Bogota, D.C., Capital District, Colombia 1 week ago Security Operations Center Senior Analyst Security Engineer (Middle/Senior) ID35384 Bogota, D.C., Capital District, Colombia 1 week ago Security Engineer (Middle/Senior) ID35384 Medellin, Antioquia, Colombia 1 month ago Cyber Security Data Engineer, Contract Capabilities Bogota, D.C., Capital District, Colombia 1 week ago Security Engineer (Middle/Senior) ID35384 Bogota, D.C., Capital District, Colombia 1 month ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr