State Street
RedTeamEngineer
Neural analysis suggests this role is
optimal for Mid candidates.
“Red Team Engineer at State Street. Skills: offensive security techniques, adversary behaviors, attack frameworks, modern security tooling, assessment utilities, red‑team‑oriented testing methodologies, scripting languages, networks, operating systems, identity systems, cloud services, security controls. Execute authorized adversary‑emulation activities to assess defenses, security controls, and organizational resilience. Perform targeted security assessments across applications, infrastructure, ”
What You'll Achieve.
reduce identified risks and strengthen defenses
Industry & Context.
Demonstrated analytical ability to identify core issues, interpret risk, and propose practical, evidence‑driven solutions
What They're Looking For.
Must Have
2–4 years in penetration testing or red‑team activities, Broad experience with networks, operating systems, cloud, and security controls, Ability to script or automate tasks using common languages, reporting and communication skills across technical audiences
Nice to Have
Familiarity with threat‑informed testing and attack frameworks, Experience collaborating with defensive teams to validate detections
What You'll Do.
Execute authorized adversary‑emulation activities to assess defenses
and organizational resilience
Perform targeted security assessments across applications
and enterprise technologies
Evaluate detection and response capabilities and support improvement through coordinated purple‑team activities
Operate within defined approval processes
authorization boundaries
and safe‑testing protocols
Develop or adapt tools and techniques to support realistic testing
ensuring secure and compliant usage
audit‑ready reporting and support remediation to reduce identified risks and strengthen defenses
How You'll Work.
Team & Collaboration
Collaborate with technical experts across applications, platforms, and infrastructure, security leadership, and process stakeholders, threat intelligence and defensive analytics teams, security operations personnel, and business system owners; Collaborate with cybersecurity, technology, and risk stakeholders to develop realistic, threat‑informed testing scenarios; Ability to work independently while collaborating effectively with technical and non‑technical stakeholders
Communication Scope
Clear and professional communication skills, including the ability to simplify complex technical concepts; reporting and communication skills across technical audiences
Process & Methodology
organizational, time‑management, and prioritization skills in dynamic and high‑pressure environments
Full Job Description
**Who we are looking for** As a member of the Red Team within the Global Cyber Security group, the Red Team Engineer will serve as a core technical contributor for adversary‑emulation, threat‑informed security testing, and controlled offensive security operations. The engineer will execute activities in accordance with State Street’s standards and procedures, risk‑acceptance, and regulatory expectations, ensuring all work is conducted within approved environments, scopes, and authorization pathways. The Red Team Engineer will conduct comprehensive, intelligence‑driven assessments of enterprise applications, critical infrastructure components, and associated operational and technical security controls. These assessments evaluate not only the security posture of targeted systems but also the effectiveness of the organization’s detection, prevention, response, and governance capabilities. The Red Team Engineer will collaborate with technical experts across applications, platforms, and infrastructure, security leadership, and process stakeholders, threat intelligence and defensive analytics teams, security operations personnel, and business system owners to ensure testing scenarios reflect realistic adversary behaviors and enterprise risks. The role requires strong technical expertise and broad knowledge of core security control domains, including identity and access management, data protection, secure software development, cloud and infrastructure security, endpoint and detection technologies, network security, and enterprise vulnerability and threat management. Familiarity with security monitoring, detection engineering, and incident response processes further supports the evaluation of organizational defenses. **What you will be responsible for** * Execute authorized adversary‑emulation activities to assess defenses, security controls, and organizational resilience. * Perform targeted security assessments across applications, infrastructure, cloud platforms, and ente
Applying for this Red Team Engineer role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about State Street?
Real rants from real employees. Read before you apply.