Senior Red Team Engineer

Recruitment Fraud Alert

We’ve learned that scammers are impersonating Commvault team members—including HR and leadership—via email or text. These bad actors may conduct fake interviews and ask for personal information, such as your social security number.  

What to know:

• Commvault does not conduct interviews by email or text.
• We will never ask you to submit sensitive documents (including banking information, SSN, etc) before your first day.

If you suspect a recruiting scam, please contact us at wwrecruitingteam@commvault.com 

 

About Commvault 

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. The company’s unique AI-powered platform combines best-in-class data protection, exceptional data security, advanced data intelligence, and lightning-fast recovery across any workload or cloud at the lowest TCO. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data. 

Senior Red Team Engineer

The Opportunity:

We are seeking a highly skilled Senior Red Team Engineer to simulate real-world adversaries, identify exploitable weaknesses, and strengthen our security posture through controlled offensive security operations. This role will design and execute red team campaigns across applications, cloud environments and infrastructure.

The ideal candidate combines deep offensive technical expertise with strong reporting skills and the ability to collaborate with Blue Team, Detection Engineering, and DevSecOps.

What you’ll do…

• Plan and execute adversary simulation exercises.
• Conduct stealthy, multi-stage attack campaigns (external and internal).
• Emulate nation-state, ransomware, and advanced persistent threat (APT) tactics.
• Perform assumed breach scenarios and lateral movement exercises.
• Test detection and response capabilities of SOC teams.
• Perform offensive security testing:
• Network penetration testing
• Web and API application testing
• Cloud security assessments (AWS/Azure/GCP)
• Active Directory exploitation
• Container/Kubernetes security testing
• Identify misconfigurations, privilege escalation paths, and attack chains.
• Develop and modify exploits as needed.
• Develop / modify tools or scripts when needed for testing scenarios.
• Produce detailed technical reports and executive summaries.
• Map findings to MITRE ATT&CK framework.
• Partner with:
• Blue Team to improve monitoring and detection
• DevSecOps to strengthen security controls
• Engineering teams to fix identified vulnerabilities
• Conduct post-engagement debrief sessions

Who you are?

• 6 to 10 years of experience in penetration testing, red teaming, or offensive security.
• Experience testing cloud-native environments.
• Experience working in purple team exercises.
• Strong understanding of:
• Networking basics (TCP/IP)
• Windows and Linux systems
• Active Directory security
• Web application vulnerabilities (OWASP Top 10)
• Cloud security attack methods
• AI systems and related vulnerabilities

• Hands-on experience with:
• Privilege escalation
• Moving across systems (lateral movement)
• Maintaining access (persistence)
• Command-and-control setups

Preferred Qualifications:

• Knowledge of malware analysis or reverse engineering.
• Security certifications such as OSCE, CRTO, CRTP, OSCP or similar.

You’ll love working here because...

• Continuous professional development, product training, and career pathing
• Annual health check-ups, Tuition Reimbursement
• An inclusive company culture, an opportunity to join our Community Guilds
• Personal accident cover and Term life cover

Ready to #makeyourmark at Commvault? Apply now!

#LI-RK1