Red Team Specialist

When to Use

• Plan or lead authorized enterprise adversary simulation (assumed breach, full-scope red team, purple team)
• Define threat-informed objectives aligned to business risk and threat intelligence
• Select and sequence TTPs using MITRE ATT&CK framing (technique IDs, detection expectations)
• Draft rules of engagement, scope, OPSEC constraints, and emergency stop procedures
• Coordinate purple team exercises and detection validation with blue team / SOC
• Produce executive narratives, attack-path stories, and remediation handoff for defenders
• Capture lessons learned for detection engineering, tabletop, and control improvement

When NOT to Use