Senior Red Team Engineer

The Role:In this role, you will design, execute, and evolve advanced adversarial simulation campaigns to test Moderna's cyber resilience across corporate, laboratory, and manufacturing environments.You will act as a hands-on operator and technical lead, building and running end-to-end offensive campaigns - from initial reconnaissance to network exploitation and post-exploitation within high-value segments like lab and OT systems.This role reports to the Senior Director of the Security Engineering & Response organization and works closely with Incident Response, Threat Intelligence, and Detection Engineering to convert findings into durable defenses.Your mission: identify, emulate, and weaponize attacker tradecraft before real adversaries do.Here's What You'll Do: Plan, execute, and document full-spectrum red team operations targeting digital, physical, and hybrid environments. Develop and maintain offensive toolchains and infrastructure for covert operations (C2 frameworks, payload obfuscation, cloud-based staging, and beacon management). Conduct external-to-internal attack simulations. Collaborate with detection and incident response teams to measure time-to-detect, time-to-contain, and overall detection efficacy. Build and maintain custom scripts and exploits using Python, PowerShell, and other languages to simulate real adversary TTPs. Perform adversary emulation based on threat intel tied to biotech, pharma, and critical manufacturing sectors. Lead post-operation technical debriefs with IR and Threat Intel to derive new detection opportunities and security controls. Contribute to the development of internal red team maturity, progressing toward a continuous red team model.Here's What You'll Need (Basic Qualifications) 8+ years years in cybersecurity with deep experience in red teaming, offensive security, or adversary simulation. Proven ability to conduct end-to-end attack chains, including initial access, lateral movement, privilege escalation, and data exfiltration. Expertise in network penetration testing, Active Directory exploitation, cloud attacks (Azure, AWS, O365), and endpoint evasion. Experience targeting OT or lab-connected systems is a plus. Strong knowledge of MITRE ATT&CK, C2 frameworks, and offensive tooling. Familiarity with purple team methodologies and integrating offensive results into defensive playbooks and detections. OPSEC discipline and experience running stealth operations under blue team monitoring. Solid scripting and automation skills in at least one major language (Python, PowerShell, Bash, or Go).Here's What You'll Bring to the Table (Preferred Qualifications) Preferred certifications: OSCP, OSEP, OSED, CRTO, or equivalent hands-on offensive credentials. Ability to communicate complex offensive findings clearly to both technical engineers and executive stakeholders.Under Washington State law, Moderna is required to provide a reasonable estimate of the salary range for the jobs covered by this description. Base compensation for these positions in Washington State range from $158,600 to $285,500. Actual salary determinations will take into account factors such as work location, prior education and experience, job-related knowledge, and demonstrated skills. Compensation decisions are made on the facts and circumstances of each addition to base compensation Moderna employees are eligible for a comprehensive incentive compensation package including an annual cash bonus, new hire equity and an annual refresh, 401(k) match, competitive and inclusive medical, dental, and vision coverage

Created: 2026-01-30