Remote

Principal Red Team Engineer

Aon
life insurance, vision insurance, paid time off, paid holidays, sick time, tuition assistance, 401(k)
United States, New York
Mar 31, 2025

Are you a Principal Red Team Engineer looking for a great opportunity? This could be an exciting opportunity for you!

The Proactive Security Testing team is looking for inquisitive and motivated individuals to add to its team. We provide an exciting work environment that offers a healthy combination of autonomy and senior level support! Our team publishes books and security blogs, delivers conference talks, contributes to open-source software projects, and are engaged in a variety of continuous security research projects.

Aon is in the business of better decisions.

At Aon, we shape decisions for the better to protect and enrich the lives of people around the world. As an organization, we are united through trust as one inclusive, diverse team, and we are passionate about helping our colleagues and clients succeed.

What the day will look like.

As a Principal Red Team Engineer (termed internally as a "Security Testing Manager"), you will serve as a senior member of the red team. In addition, the person in the role will do the following:

  • Serve as a senior member of established Red Team services
  • Bypass various EDRs in a real-world manner for use on client assessments when delivering payloads, escalating privileges, and moving laterally.
  • Perform target reconnaissance and discovery activities.
  • Perform both network penetration testing (external and internal) and web application penetration testing as needed for red team operations, including vulnerability exploitation and pivoting to gain remote system access.
  • Perform social engineering, including phishing, vishing, and physical penetration testing.
  • Develop, update, and improve internal tooling used for red team engagements, penetration testing, and reporting.
  • Clearly communicate vulnerabilities to client development teams during and post-assessment.
  • Document technical issues identified during security assessments, outlining the associated risks for clients, and providing tailored recommendations for remediation.
  • Offer technical mentorship and career development guidance to junior engineers within the organization.
  • Engage in vulnerability research and exploit development to produce blog posts, conference talks, whitepapers, etc.
  • Contribute to internal business operations by participating in and suggesting process improvements.
We do not offer visa sponsorship for this role.

Skills and experience that will lead to success.

  • 5+ years of hands-on experience performing red team operations.
  • 5+ years of hands-on experience performing network/infrastructure penetration testing.
  • Understanding of how to build and maintain red team command and control (C2) infrastructure.
  • Experience using various C2 frameworks, including Cobalt Strike, Mythic, Havoc, Covenant, etc.
  • Experience building social engineering phishing platforms/sites.
  • Some expertise in development and/or source code review, focusing on languages such as Go, Python, C#, C/C++, JavaScript, Java, PHP, Ruby, Swift, Objective-C/C++, Kotlin, etc.
  • Up-to-date experience with testing techniques and tooling, such as Burp Suite and other fuzzers/proxies.
  • Deep understanding of AWS, GCP, and Azure security models, including cloud-based privilege escalation techniques (misconfigured IAM roles, credential leaks, abuse of cloud automation services such as AWS Lambda, GCP Cloud Functions, and Azure Automation), as well as network, storage, and compute security misconfigurations.
  • Ability to move laterally between cloud environments and on-premises domains, including hybrid attack scenarios (e.g., compromising Azure AD to gain access to on-prem AD and vice versa).
  • Hands-on experience with Entra ID (formerly Azure AD), including privilege escalation techniques, role abuse, conditional access bypasses, and authentication weaknesses.
  • Expertise in bypassing logging and detection in cloud environments, including evading Defender for Cloud, AWS GuardDuty, GCP Security Command Center, and other cloud-native security services.
  • Familiarity with tools like AADInternals, Stormspotter, PACU, and custom cloud attack frameworks.
  • Deep knowledge of common software vulnerabilities, such as those described in the OWASP Top 10 and CWE/SANS Top 25.
  • Solid grasp of Unix, Windows, and network security.
  • Ability to work remotely as part of a distributed team and travel to client sites when required.
  • Excellent communication skills (written and verbal) in English, to present complex technical topics concisely to both technical and business audiences.

These skills/experiences are a plus:

  • Experience at an existing consulting firm as a red team member.
  • Experience developing custom scripts or tools used for vulnerability scanning and identification.
  • Experience with bug bounties, including reporting critical/high-risk issues to programs.
  • Experience with exploit development and reverse engineering.
  • Degree in Computer Science, Information Systems, Engineering or related major and/or equivalent experience.
  • Reputable security certifications, including but not limited to: CRTO, CRTE, GRTP, OSCP, OSWE, GWAPT, OSEE, OSCE/OSED, GPEN, GXPN, BSCP.
  • Public-facing research and/or presentations delivered at well-known industry security conferences.

How we support our colleagues

In addition to our comprehensive benefits package, we encourage an inclusive workforce. Plus, our agile environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two "Global Wellbeing Days" each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions for our colleagues as well.

Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued.

Aon values an innovative and inclusive workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace.

Aon provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status. People with criminal histories are encouraged to apply.

We welcome applications from all and provide individuals with disabilities with reasonable adjustments to participate in the job application, interview process and to perform essential job functions once onboard. If you would like to learn more about the reasonable accommodations we provide, email ReasonableAccommodations@Aon.com

For positions in San Francisco and Los Angeles, we will consider for employment qualified applicants with arrest and conviction record in accordance with local Fair Chance ordinances.

Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.

Pay Transparency Laws:

The salary range for this position (intended for U.S. applicants) is $130,000 - $180,000 annually. The actual salary will vary based on the applicant's education, experience, skills, and abilities, as well as internal equity and alignment with market data. The salary may also be adjusted based on the applicant's geographic location.

Aon offers a comprehensive package of benefits for full-time and regular part-time colleagues, including, but not limited to: a 401(k) savings plan with employer contributions; an employee stock purchase plan; consideration for long-term incentive awards at Aon's discretion; medical, dental and vision insurance, various types of leaves of absence, paid time off, including 12 paid holidays throughout the calendar year, 15 days of paid vacation per year, paid sick leave as provided under state and local paid sick leave laws, short-term disability and optional long-term disability, health savings account, health care and dependent care reimbursement accounts, employee and dependent life insurance and supplemental life and AD&D insurance; optional personal insurance policies, adoption assistance, tuition assistance, commuter benefits, and an employee assistance program that includes free counseling sessions. Eligibility for benefits is governed by the applicable plan documents and policies.

#LI-KH1 2548116