We are seeking a skilled Information Security Specialist - Red Team Operator to join our offensive security program and help strengthen our defensive posture through realistic adversary emulation. This role focuses on executing end-to-end red team engagements that simulate real-world threat actors, validate security controls, and provide actionable insight to detection and response teams.
The ideal candidate brings hands-on technical expertise, strong tradecraft, and the ability to operate safely and professionally in a highly governed enterprise environment.
Job Details - What You’ll Do
Plan and execute full-scope red team engagements, including reconnaissance, initial access, lateral movement, privilege escalation, command-and-control, and objective completion
Emulate real-world threat actors using established TTPs (e.g., MITRE ATT&CK)
Conduct phishing and social engineering campaigns within defined legal and ethical constraints
Develop and maintain custom tooling, payloads, and infrastructure to support operations
Collaborate closely with Blue Team, Purple Team, Threat Intelligence, and Incident Response partners
Produce clear, technically accurate engagement reports and executive-ready summaries
Contribute to detection engineering by identifying gaps in controls, telemetry, and response processes
Support continuous improvement of red team methodologies, playbooks, and governance processes
Mentor junior operators and contribute to team knowledge sharing
Job Requirements - What You Need to Succeed
University degree
7+ years of experience in offensive security, red teaming, penetration testing, or equivalent hands-on security roles
Strong knowledge of Windows Active Directory environments, identity abuse, and enterprise authentication flows
Proven experience with common red team tooling (e.g., C2 frameworks, phishing platforms, custom payloads)
Solid understanding of network protocols, operating systems, and endpoint security controls
Ability to safely execute adversarial activities in regulated environments with strict scope and approval processes
Strong written and verbal communication skills, including report writing and technical walkthroughs
Demonstrated ability to work independently while collaborating effectively with cross-functional teams
Other Skills & Assets
Familiarity with EDR, SIEM, and cloud security controls from an attacker’s perspective
Experience developing custom tooling in languages such as C#, Python, and PowerShell
Knowledge of red team infrastructure, domain management, and OPSEC best practices
Relevant certifications (e.g., CRTO, OSCP, GXPN, Red Team Ops–focused certs)
Experience in financial services, large enterprises, or highly regulated environments
Who We Are:
TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we strive to make every interaction, product, and experience remarkably human and refreshingly simple for over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to foster deeper relationships, ensure disciplined execution, and build a simpler, faster banking experience.