THE LAND OF GREATER OPPORTUNITY

Welcome to The Land, where career opportunities go hand-in-hand with higher-than-average salaries. Whether you want to work on medical breakthroughs at one of the largest hospitals in the world or pursue your passion in our growing community of manufacturing and technology startups, build your legacy in Cleveland.

Take charge of your career growth and stand out to employers in the Greater Cleveland. These free resources are designed to help you showcase your skills, connect with opportunities, and land your next role. Your next opportunity is waiting: start exploring today.

Senior Red Team Operator

Sherwin-Williams

Cleveland, OH, USA

Posted on Jun 22, 2026

The Threat Management Senior Red Team Operator is a cybersecurity professional responsible for leading and executing end-to-end adversary emulation activities across the enterprise. This role serves as a subject matter expert in simulating realistic attack scenarios, including social engineering, credential access, lateral movement, persistence, and ransomware-based attack paths, to assess and validate the organization’s ability to detect, respond to, and withstand real-world threats.

The Red Team Operator is not a traditional penetration tester but instead focuses on full attack chain execution aligned to threat-informed scenarios, business risk, and known control gaps. This role requires a strategic and technical operator capable of planning, coordinating, and executing complex engagements while collaborating closely with Incident Response, Threat Intelligence, Detection Engineering, and Application Security teams to drive measurable improvements in enterprise security posture.

This role reports directly to the Senior Manager – Threat Management

At Sherwin-Williams, our purpose is to inspire and improve the world by coloring and protecting what matters. Our paints, coatings and innovative solutions make the places and spaces in our world brighter and stronger. Your skills, talent and passion make it possible to live this purpose, and for customers and our business to achieve great results. Sherwin-Williams is a place that takes its stability, growth and momentum and translates it to possibility for our people. Our people are behind the strength of our success, and we invest and support you in:

Life … with rewards, benefits and the flexibility to enhance your health and well-being
Career … with opportunities to learn, develop new skills and grow your contribution
Connection … with an inclusive team and commitment to our own and broader communities
It's all here for you... let's Create Your Possible

At Sherwin-Williams, part of our mission is to help our employees and their families live healthier, save smarter and feel better. This starts with a wide range of world-class benefits designed for you. From retirement to health care, from total well-being to your daily commute—it matters to us. A general description of benefits offered can be found at http://www.myswbenefits.com/. Click on “Candidates” to view benefit offerings that you may be eligible for if you are hired as a Sherwin-Williams employee.

Compensation decisions are dependent on the facts and circumstances of each case and will impact where actual compensation may fall within the stated wage range. The wage range listed for this role takes into account the wide range of factors considered in making compensation decisions including skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. The wage range, other compensation, and benefits information listed is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.

Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable federal, state, and local laws including with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act where applicable.

Sherwin-Williams is proud to be an Equal Employment Opportunity employer. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract.

As a VEVRAA Federal Contractor, Sherwin-Williams requests state and local employment services delivery systems to provide priority referral of Protected Veterans.

Please be aware, Sherwin-Williams recruiting team members will never request a candidate to provide a payment, ask for financial information, or sensitive personal information like national identification numbers, date of birth, or bank account numbers during the application process.

Formal Education & Certification

Bachelor’s degree (or foreign equivalent) in a Computer Science, Computer Engineering, or Information Technology field of study (e.g., Information Technology, Electronics and Instrumentation Engineering, Computer Systems Management, Mathematics) or equivalent experience.
Relevant certifications such as OSCP, CRTO, GPEN, or similar are preferred.

Knowledge & Experience

5+ years IT/Cybersecurity experience.
Proven experience executing adversary emulation, Red Team, or advanced security testing activities.
Strong understanding of attack methodologies across enterprise environments, including identity systems, endpoints, networks, and cloud platforms.
Experience with social engineering techniques and user-focused attack vectors.
Familiarity with lateral movement, privilege escalation, and persistence mechanisms.
Understanding of ransomware behaviors and attack patterns.
Experience operating within structured attack frameworks such as MITRE ATT&CK.
Ability to adapt attack execution based on detection and defensive controls.
Strong communication skills with the ability to translate technical findings into business risk.
Ability to operate independently and lead complex engagements in dynamic environments.

Preferred Experience

Experience with command-and-control frameworks (e.g., Sliver, Cobalt Strike, or similar).
Familiarity with identity and Active Directory attack tooling (e.g., BloodHound, Impacket, Mimikatz or equivalent techniques).
Experience with reconnaissance and enumeration tools (e.g., Nmap, NetExec, or similar).
Exposure to phishing and social engineering platforms (e.g., GoPhish or equivalent).
Familiarity with cloud security assessment and attack tooling (e.g., ScoutSuite or similar platforms).
Experience managing Red Team infrastructure, including VPS environments, domain setup, and attack staging infrastructure.
Exposure to adversary emulation validation platforms or automated testing solutions preferred (e.g., Safe Breach)
Experience collaborating with SOC, Detection Engineering, or Incident Response teams in a CSOC or MSSP environment.
Must be eighteen years or older.

Serve as the lead operator for adversary emulation activities, executing end-to-end attack scenarios across enterprise environments.

Plan and execute realistic attack chains including initial access, social engineering, credential access, lateral movement, persistence, and ransomware simulation.

Act as the primary subject matter expert during Red Team engagements, guiding execution strategy and adapting based on environmental conditions.

Translate threat intelligence, business risk, and known control gaps into prioritized attack scenarios.

Collaborate with Threat Intelligence to ensure alignment with real-world adversary tactics, techniques, and procedures (TTPs).

Partner with Incident Response and Detection Engineering teams to validate detection, response, and triage effectiveness during simulations.

Expand findings beyond isolated vulnerabilities by chaining weaknesses into full attack paths.

Document engagement activities, findings, and recommendations with a focus on actionable improvements.

Support post-engagement reviews to identify detection gaps, control weaknesses, and response improvements.

Assist in the development and refinement of adversary emulation methodologies, playbooks, and procedures.

Collaborate with Application Security to validate whether vulnerabilities can be exploited in realistic scenarios.

Maintain and operate Red Team infrastructure, tooling, and testing environments.

Support tabletop exercises and purple team engagements to enhance organizational readiness.

Stay current on emerging adversary techniques, tools, and tradecraft.

This is a remote position.

This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa. Must be legally authorized to work in the country of employment without needing sponsorship for employment work visa status now or in the future.

Job duties include contact with other employees and access confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company’s staff, employees, and business relationships.

See more open positions at Sherwin-Williams