State Street is a global leader in financial services, and they are seeking a Red Team Engineer to be a core technical contributor for adversary-emulation and threat-informed security testing. The role involves conducting intelligence-driven assessments of enterprise applications and collaborating with various stakeholders to ensure realistic testing scenarios that reflect adversary behaviors and enterprise risks.
Execute authorized adversary‑emulation activities to assess defenses, security controls, and organizational resilience
Perform targeted security assessments across applications, infrastructure, cloud platforms, and enterprise technologies
Collaborate with cybersecurity, technology, and risk stakeholders to develop realistic, threat‑informed testing scenarios
Evaluate detection and response capabilities and support improvement through coordinated purple‑team activities
Operate within defined approval processes, scopes, authorization boundaries, and safe‑testing protocols
Develop or adapt tools and techniques to support realistic testing, ensuring secure and compliant usage
Produce clear, audit‑ready reporting and support remediation to reduce identified risks and strengthen defenses
Qualification
Required
Bachelor's degree or equivalent hands‑on security experience
2–4 years in penetration testing or red‑team activities
Strong proficiency in offensive security techniques, including infrastructure, application, and cloud‑focused penetration testing
Deep understanding of adversary behaviors and attack frameworks (e.g., MITRE ATT&CK) to inform realistic testing scenarios
Familiarity with modern security tooling, assessment utilities, and red‑team‑oriented testing methodologies
Ability to develop or adapt scripts and tools using common scripting languages
Broad technical knowledge across networks, operating systems, identity systems, cloud services, and security controls
Demonstrated analytical ability to identify core issues, interpret risk, and propose practical, evidence‑driven solutions
Strong organizational, time‑management, and prioritization skills in dynamic and high‑pressure environments
Ability to work independently while collaborating effectively with technical and non‑technical stakeholders
Commitment to maintaining awareness of emerging threats, vulnerabilities, and offensive security trends
High attention to detail and consistent delivery of accurate, high‑quality work
Clear and professional communication skills, including the ability to simplify complex technical concepts
Proven ability to handle sensitive information responsibly and operate with discretion and professionalism
Preferred
Broad experience with networks, operating systems, cloud, and security controls
Familiarity with threat‑informed testing and attack frameworks
Experience collaborating with defensive teams to validate detections
Ability to script or automate tasks using common languages
Strong reporting and communication skills across technical audiences
Benefits
Employees are eligible to participate in State Street’s comprehensive benefits program, which includes: our retirement savings plan (401K) with company match
Insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages
Paid-time off including vacation, sick leave, short term disability, and family care responsibilities
Access to our Employee Assistance Program
Incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans)
Eligibility for certain tax advantaged savings plans
Inclusive development opportunities
Flexible work-life support
Paid volunteer days
Vibrant employee networks
State Street offers a range of financial services, including investment management, research and trading, as well as asset management.
Glassdoor
3.4
Founded in 1792
Boston, Massachusetts, USA
10001+ employees
https://www.statestreet.com/
State Street offers a range of financial services, including investment management, research and trading, as well as asset management.
