Red Team Lead

SailPoint’s Cybersecurity organization is seeking a Red Team Lead with a passion for cybersecurity and protecting the organization. The successful candidate will establish our new in-house red team capabilities, continually test the security of our products, enterprise and response readiness.

We’re seeking a candidate with proven technical capabilities who can work on both the enterprise and application sides of the house. Our new Red Team Lead will embrace the opportunity to work across diverse platforms with a variety of tools and will play a key role as we continually improve our capabilities over time. They’ll work with an established team of talented and dedicated teammates to achieve our security objectives.

Our new Red Team Lead will join a growing and capable operations team of both emerging and established talent. They’ll have the opportunity to shape our future through the establishment of threat-informed defensive measures and the maturation of our existing activities. They’ll already be comfortable with the 4 I’s at SailPoint (individual, Impact, Innovation, and Integrity) even if they’re new to the concept.  They will embrace new challenges and will be a positive contributor to an already positive work culture and environment.

This is a challenging and impactful role where you will have the opportunity to work with both internal and external stakeholders, including our fantastic colleagues in IT, devops, product engineering, security engineering, and the security operations center.

This role reports directly to the Director of Security Operations and can be remote or based in Austin, TX.

Responsibilities:

• Help in establishing an in-house offensive testing capabilities.  Provide technical expertise and shape the procedural and programmatic structure of our red team activities.

• Partner closely with Architecture/Engineering, Product Development and others to define the red team program and maintain an effective relevant technology stack.

• Continually assess both our enterprise and products according to risk prioritization, accommodating ad-hoc targeted assessments on an as-needed basis.

• Build relationships across organizational boundaries to ensure that identified weaknesses are remediated and lessons learned are captured.

• Develop and refine supporting processes for all red team activities, including standard operating procedures and playbooks.

• Communicate clearly, concisely, and timely to a variety of stakeholders on both urgent and routine matters.

• Identify, track, and report on relevant metrics to measure the impact of the red team program.

• Prepare detailed reports and presentations on findings, including descriptions of exploitation techniques, the potential impact of vulnerabilities, and recommendations for mitigation

• Collaborate with the wider security team to influence and improve security posture and incident response capabilities.

Requirements:

• Meet FedRAMP access requirements.

• 6+ years of relevant work experience, including at least 3 years in red team.

• A thorough understanding of complex enterprise systems. Use knowledge of the current IT environment and industry trends to identify issues.

• Stay abreast of the latest cybersecurity trends, threats, and attack methodologies to continuously refine and update testing approaches

• Experience developing Red Team/Purple Team Scenarios

• Experience executing Red Team/Purple Team scenarios

• A proactive mindset, with a passion for driving change and strengthening security culture

• Top notch collaborative skills and a demonstrated ability to accomplish objectives that require coordinated teamwork.

• Analytical expertise, close attention to detail, critical thinking, logic, a solution orientation and to learn and adapt quickly.

• Complex decision-making skills, with an ability to clearly convey the relative costs and benefits of potential actions and a recommendation.

SailPoint is an equal opportunity employer and we welcome everyone to our team.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.