RedLab exists to make organizations meaningfully more resilient against the adversaries targeting them. We hire practitioners — people who have operated in the field, understand what adversaries actually do, and care about translating that knowledge into better security outcomes for the organizations we protect. If that describes you, keep reading.
We do not have a ping pong table or a kombucha tap. We have a culture built around doing serious security work seriously — and then stepping away from it when the day is done.
Every piece of work at RedLab connects directly to whether an organization can defend itself against a real adversary. There is no busy work, no theater, and no security for compliance sake alone. Our red team operators run engagements that change how organizations think about their risk exposure. Our analysts detect threats that would have been breaches. Our advisors design programs that measurably move the needle on security maturity. You will see the difference your work makes.
RedLab invests in your professional development as a direct investment in our capability. We have a $5,000 annual training budget per practitioner with no approval process for industry standard certifications and conferences. We run internal research weeks, cross-team knowledge transfers, and an internal CTF league. Senior practitioners mentor junior ones through structured shadowing on live engagements. Promotions happen when you are ready for them — not on an annual calendar that treats everyone the same.
Cybersecurity is a high-stakes discipline and practitioner burnout is a genuine industry crisis. RedLab takes this seriously. We do not celebrate people for working nights and weekends — we celebrate teams that deliver quality work sustainably. Our incident response rotations are staffed to prevent any individual from being on-call more than one week in four. Flexible PTO means unlimited time off with manager alignment, and we actively track utilization to ensure people actually take it. Effective work and sustainable work are not opposites.
RedLab practitioners are encouraged to contribute to the security community — publishing research, speaking at conferences, releasing open-source tools, and mentoring the next generation of security professionals. We sponsor DEF CON, Black Hat, BSides events, and WiCyS annually and send employees who want to speak. We believe that a stronger security community benefits everyone we serve, and we act accordingly rather than treating our knowledge as a competitive moat to be hoarded.
Competitive compensation, strong benefits, and the things that actually matter to security professionals — time, autonomy, and access to continuous learning.
We hire for skill, drive, and integrity — not pedigree. We are actively committed to building a team that reflects the full diversity of the security community.
We are looking for an experienced penetration tester to join our red team practice. You will lead external network, web application, and assumed-breach engagements for enterprise and government clients, develop custom tooling to evade modern endpoint controls, and mentor junior team members. The ideal candidate holds OSCP or equivalent and has three or more years of hands-on offensive security experience outside of academic or CTF contexts. Familiarity with C2 frameworks (Cobalt Strike, Havoc, Sliver) and custom implant development is strongly preferred.
Join RedLab's Threat Research Unit as a Threat Intelligence Analyst responsible for tracking adversary campaigns, developing threat actor profiles, and producing actionable intelligence products for both internal security operations and client consumption. You will monitor criminal forums, dark web sources, and open-source intelligence channels; analyze malware samples; author finished intelligence reports; and maintain STIX/TAXII intelligence feeds. Prior experience in a cyber threat intelligence role, national security analysis, or OSINT investigation is required.
RedLab's Advisory Practice is growing its cloud security capability and seeking a Cloud Security Architect to lead engagements across AWS, Azure, and GCP environments. You will design cloud security architectures, conduct cloud configuration assessments and penetration tests, develop Infrastructure-as-Code security controls, and guide clients through cloud security transformation programs. Proficiency in Terraform or CloudFormation, deep knowledge of cloud IAM models, and experience with CSPM tooling (Wiz, Orca, Prisma) are essential.
Our Incident Response practice handles some of the most complex and high-stakes breaches in the country. As an IR Consultant you will be deployed to active incidents involving ransomware, nation-state intrusions, insider threats, and fraud cases — leading containment, forensic investigation, and recovery activities from initial scoping through post-incident reporting. On-site travel will be required on short notice (typically 25–40% of the time depending on caseload). GCFE, GCFA, or equivalent digital forensics certification is strongly preferred; experience with Magnet Axiom, Velociraptor, or KAPE is a plus.
RedLab is expanding its Human Risk Management practice and seeks a Security Awareness Program Manager to design, deliver, and measure security awareness programs for enterprise clients across financial services, healthcare, and government sectors. You will manage multi-year client relationships, design phishing simulation campaigns, build role-based training curricula, analyze behavioral metrics, and present program effectiveness to CISO and executive audiences. Experience with KnowBe4, Proofpoint Security Awareness Training, or equivalent platforms is required. A background in instructional design, organizational psychology, or behavioral economics is a significant advantage.
Our growing Application Security practice is seeking an Application Security Engineer to conduct secure code reviews, web application and API penetration tests, and SDLC security advisory engagements for technology company clients. You will identify business logic flaws, authentication and authorization weaknesses, injection vulnerabilities, and cryptographic issues across modern web frameworks and REST/GraphQL APIs. Proficiency in at least two of Python, Java, JavaScript/TypeScript, or Go is expected, along with practical experience with Burp Suite Pro, semgrep, or equivalent SAST tooling. BSCP or eWPTX holders are strongly encouraged to apply.
RedLab Security is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity, or any other protected characteristic under applicable federal, state, or local law. We are committed to building a team as diverse as the threat landscape we defend against — and we actively work to remove the barriers that have historically kept underrepresented groups out of cybersecurity careers. Reasonable accommodations are available for applicants with disabilities. To request an accommodation in the application process, contact hr@redlab.io.