Role: Senior Security Consultant - Red Team
Location: Madrid (Hybrid)

Thank you for checking out our job opening! We are excited that YOU are interested in learning more about NCC Group.

The Role:

You’ll be involved in every aspect of the attack chain, from social engineering and initial access to evading best-in-class EDR products and lateral movement.

Operational security and safety of target environments are critical. You’ll leverage your extensive experience managing operational risk and communicating with client stakeholders to mitigate risks throughout all Red Team activities.

You will lead in capability development and tool creation to automate activities or exploit weaknesses identified in the environment.

Lastly, you’ll apply your high standard of written English for reports and presentations, briefing both technical and C-level audiences on your activities and findings.

Key Accountabilities:

Simulate adversarial attacks: Design and execute cyber-attack scenarios to identify vulnerabilities in infrastructure, applications, and processes, working with high-maturity clients and recognized regulatory frameworks.

Report and advise: Present findings and risks to stakeholders, offer actionable recommendations, and write attack narratives for non-technical readers.

Engage and collaborate: Work independently and as part of a team, building strong relationships with colleagues, clients, C-level teams, and security departments to maximize value.

Always learn: Stay updated on the latest adversarial techniques, tools, and cybersecurity trends, sharing successful methods and introducing new ones when appropriate.

Mentor and train: Act as a resource for junior team members and other departments, imparting knowledge on current threat vectors and best practices for defense.

What We’re Looking For:

Demonstrable experience in advanced red teaming.

Experience working with global regulatory schemes (CBEST, TIBER, CORIE, AASE, iCAST, FEER).

A comprehensive understanding of most of the following domains:

Cloud platforms and security mechanisms

Microsoft Active Directory & Office 365 Security

EDR/EPP bypasses

Email Gateways and Filters

Web Gateways and Proxies

MacOS client environments

Proactive, team-oriented, and adept at problem-solving.

Familiarity with Spain's cybersecurity regulations, standards, and best practices.

CREST certifications (CCT-INF, CCSAS, or CCSAM) are a plus.

About NCC Group:

We are passionate about helping our customers protect their brand, value, and reputation against the ever-evolving threat landscape. We fuel this passion by investing in our people and our business.

We strive to create an environment where all colleagues feel psychologically, emotionally, and physically safe to be authentic, share their personal experiences, and represent the diversity of the world they live in. We also ensure equal opportunity for everyone to achieve their best.

Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation businesses: NCC Group

Benefits:

Competitive salary and package

Lifestyle and wellness benefits

A truly hybrid role that promotes a healthy work-life balance

Additional perks to enhance your day-to-day life

About Your Application:

We review every application received and will contact you if your skills and experience align with what we’re looking for. If you don’t hear back from us within 10 days, please don’t be discouraged – we may keep your CV on file for future vacancies and encourage you to continue checking our career opportunities for other roles that might be a good fit.

If you’d prefer us not to retain your details, please email us at global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please let us know at any stage.

Please Note:

This role requires background clearance due to the nature of the work NCC Group performs. To apply, you must be willing and able to undergo the vetting process.

Company

For job seekers

For companies

Cyber Security jobs

Security Consultant - Red Team

Security Consultant - Red Team

Security Consultant - Red Team

Location

Workplace

Type

Posted

Website

Similar Jobs

Security Consultant, Global Services Security

Cyber Security Engineer - Sr. Consultant level - Cloud Security Engineering

Senior Cyber Security Consultant

Security Consultant

Security Consultant

Security Consultant

Security Consultant

Snr Security Consultant, - Global Accounts, Professional Services, AWSI-SDT-APJ-Japan

Sr. Security Consultant, AWS Industries, AWSI-SDT-APJ

Cyber Security Senior Consultant