Senior Red Team Operator

<div class="content-intro"><h3><strong>You could work anywhere. Why Figment?</strong></h3> <p><a href="https://figment.io/"><strong>Figment</strong></a> powers the future of Web3 through industry-leading blockchain infrastructure. As the leading provider of staking solutions, <strong>we help 500+ institutional clients optimize their crypto rewards</strong>, including top exchanges, asset managers, wallets, foundations, custodians, and major token holders. Our clients trust Figment for a comprehensive suite of services, including <strong>reward optimization</strong>, <strong>cutting-edge API development</strong>, detailed <strong>rewards reporting</strong>, seamless <strong>partner integrations</strong>, <strong>governance support</strong>, and <strong>slashing protection</strong>.</p> <p>Backed by a team of passionate and intelligent Figmates, with a <strong>100% remote-first</strong> global presence across <strong>12 countries</strong>, our company is on a mission to accelerate the adoption, growth, and long-term success of the Web3 ecosystem. We’re building the infrastructure that will power the decentralized future.</p> <p>As a fast-growing tech company, we’re looking for <strong>builders</strong> and <strong>innovators</strong> — people who thrive in the face of uncertainty and are motivated to make an impact. We are also looking for true teammates - people who are genuine, humble, and driven to level up together. If you're excited to shape the future, contribute to an <strong>energetic company culture</strong>, and work at the cutting edge of blockchain technology, we want you to join our team and help us lead the charge!</p></div><p class="font-claude-response-body break-words whitespace-normal leading-[1.7]"><strong>About the opportunity</strong></p> <ul> <li class="font-claude-response-body break-words whitespace-normal leading-[1.7]">As a senior member of the Figment Security Team, you'll plan and run full-scope adversary emulation across all of Figment's products and platforms, from conventional cloud and application infrastructure to build pipelines and crypto systems. You'll own engagements end-to-end: evaluating environments to find vulnerabilities, building the attack scenarios to prove them out, and seeing your findings drive real fixes.</li> <li class="font-claude-response-body break-words whitespace-normal leading-[1.7]">This role is as much about partnership as it is about offense. You'll work directly with stakeholders and the blue team to communicate findings clearly, recommend practical mitigations, and help strengthen our overall security posture.</li> </ul> <p><strong>How you will make an impact</strong></p> <ul class="[li_&amp;]:mb-0 [li_&amp;]:mt-1 [li_&amp;]:gap-1 [&amp;:not(:last-child)_ul]:pb-1 [&amp;:not(:last-child)_ol]:pb-1 list-disc flex flex-col gap-1 pl-8 mb-3"> <li class="font-claude-response-body whitespace-normal break-words pl-2">Plan and execute red team engagements, pentests, and ad-hoc assessments against cloud, development pipelines, web and application layers, source code, and more.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Apply attacker tactics, techniques, and procedures safely within Figment environments, including detection-evasion work.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Produce clear reports and presentations tailored to both technical and executive audiences.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Partner with stakeholders, including technical staff, leadership, and legal counsel, to translate findings into risk-appropriate, actionable recommendations.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Collaborate with the blue team to suggest mitigations, validate fixes, and improve defensive coverage.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Mentor blue team members and lead cross-team exercises such as purple teaming.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Support incident response with offensive security technical expertise and contribute to post-incident action plans.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Build and improve red team tooling, scripts, infrastructure, methodologies, and documentation.</li> </ul> <p class="font-claude-response-body break-words whitespace-normal leading-[1.7]"><strong>What you bring to the team</strong></p> <ul class="[li_&amp;]:mb-0 [li_&amp;]:mt-1 [li_&amp;]:gap-1 [&amp;:not(:last-child)_ul]:pb-1 [&amp;:not(:last-child)_ol]:pb-1 list-disc flex flex-col gap-1 pl-8 mb-3"> <li class="font-claude-response-body whitespace-normal break-words pl-2">Experience with and strong understanding of cloud platforms, CI/CD pipelines, and supply chains.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Demonstrated use of AI tools to accelerate offensive work (LLM-assisted code review, payload generation, recon, report drafting), with sound judgment about where they help versus where manual testing is required.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Offensive expertise in container orchestration: attacking and escaping Docker and Kubernetes (container breakout, RBAC abuse, misconfiguration exploitation).</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Experience performing API and web application assessments.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Experience performing source code review for security flaws.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Experience building automations that chain red team tooling together, cutting manual effort across recon, exploitation, and reporting.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Strong written and verbal communication conveying findings, risk, and remediation to engineers, stakeholders, and executives.</li> </ul> <p class="font-claude-response-body break-words whitespace-normal leading-[1.7]"><strong>Bonus if you have:</strong></p> <ul class="[li_&amp;]:mb-0 [li_&amp;]:mt-1 [li_&amp;]:gap-1 [&amp;:not(:last-child)_ul]:pb-1 [&amp;:not(:last-child)_ol]:pb-1 list-disc flex flex-col gap-1 pl-8 mb-3"> <li class="font-claude-response-body whitespace-normal break-words pl-2">Industry certifications such as OSCP/OSCE, OSEP, OSWE, GPEN, GCPN, GWAPT, or GXPN.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Solid understanding and experience working with GitHub and GitHub Actions.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Programming skills as well as the ability to read and assess applications written in multiple languages such as Go, Rust, and Ruby.</li> <li class="font-claude-response-body whitespace-normal break-words pl-2">Understanding of security risks for blockchain and crypto.</li> </ul> <p><strong>Why you might be excited about us</strong></p> <p>At Figment, we offer an exciting range of competitive benefits designed to support and empower every member of our team:</p> <ul> <li><strong>100% remote-first environment.</strong> Our flagship office is in Toronto, Canada. We also have additional co-working spaces in New York, London, and Singapore. That means if you want to do your thing in the office (if you’re near one), at home, or a bit of both, it’s up to you.</li> <li>4 weeks of <strong>PTO</strong> that kick in day one, with an additional 1 week of flex days.</li> <li>Extended <strong>company-paid health benefits</strong> that kick in day one.</li> <li>Best-in-class <strong>parental leave</strong> and flexible arrangements.</li> <li>A <strong>home office stipend</strong> to create a space that you enjoy working in.</li> <li>Monthly <strong>Wi-Fi reimbursement.</strong></li> <li>A yearly <strong>Learning &amp; Development budget.</strong></li> <li>401K (US) or RRSP match (Canada).</li> <li><strong>Stock Options</strong> in the company.</li> <li>Annual <strong>on-site company gatherings </strong>and retreats to inspire team bonding, collaboration, and fun!</li> </ul> <p><strong>Other reasons you may love working at Figment:</strong></p> <ul> <li>We are a <strong>team of under 200 members</strong>, which allows for an impactful contribution from day one.</li> <li>We place a strong focus on <strong>personal career development</strong> to shape a role that fits your goals and interests. Your satisfaction and well-being matter to us, and we’re here to support your ongoing growth.</li> <li>Our culture is one of honesty, professionalism, and risk-taking in a high-growth environment.</li> <li>Our team members themselves recommend working at Figment - with an <strong>eNPS</strong> score of 54 (which is ranked as ‘great’!).</li> <li>We are also extremely proud to be ranked as <a href="https://cdn.prod.website-files.com/65e30093d486d28f68bfcaa5/67164cbcfd50e1961c776950_tt%20list%20%5Bupd%2021%20oct%5D.pdf"><strong>one of the top Web3 employers</strong></a> by Talent Titans.</li> </ul> <p>&nbsp;</p> <p><strong>Compensation: </strong>One of Figment’s core principles is “Making the Invisible Visible” - ensuring transparency and information sharing in all communication. Figment is committed to transparency regarding pay, benefits, and other compensation types for all internal roles as well as all roles being hired for.</p> <p><strong>Base Salary:</strong> The US base salary range for this position is USD $165,000 - $180,000.<strong> The CAD base salary range for this position is CAD $165,000 - $180,000. </strong>This range reflects base salary only, and does not include additional compensation, sales incentives or benefits. <em>For candidates in other countries, the pay range will be disclosed upon your first interview with Figment (being a globally remote company, the list of salary ranges would simply be too long to note here!).</em> The range displayed reflects the minimum and maximum range for a new hire across all of Canada or the US. A candidate’s specific pay within the range will be determined by various factors including job-related skills, relevant education, and training.</p> <p><strong>Interview process: </strong>At Figment, we try to go above and beyond in making sure that you have the best possible experience interviewing with us. We strive for a smooth, organized, and informative process.</p> <ul> <li>During your first Recruiter Call, you will be provided with more information about Figment, the position and what to expect for the rest of the interview process. Please be prepared to discuss why you are interested in joining Figment and what excites you about the position and company.</li> <li>As we go through the process, we work to make sure that you hear back from us in a timely fashion. If we decide at any point that we’re unfortunately not moving forward, we will give you feedback on why it was not a fit.</li> <li>We aim for the entire process to take around 2–4 weeks from initial screen to offer. There can be exceptions on either side of the bell curve here, but as a rule, that’s the time-frame you can expect.</li> </ul><div class="content-conclusion"><hr> <p>See here for Figment's&nbsp;<a href="https://figment.io/privacy-policy/">Privacy Policy</a>&nbsp;and&nbsp;<a href="https://figment.io/california-employee-privacy-notice/">California Employee Privacy Policy.</a></p> <p><em data-stringify-type="italic">At Figment, we have a thorough hiring process to verify the identity of all job candidates. This includes checking documents, conducting in-person interviews and completing background checks. Candidates must pass all these steps to be considered for a job with Figment. Anyone who provides false information or tries to skip these steps will be disqualified from the hiring process immediately.</em></p> <p><strong><span class="notion-enable-hover" data-token-index="0">To learn more about Figment, our team, and the amazing work we are doing, visit&nbsp;</span><a class="notion-link-token notion-focusable-token notion-enable-hover" href="https://figment.io/company/about/" data-token-index="1"><span class="link-annotation-unknown-block-id-321665186">our website</span></a><span class="notion-enable-hover" data-token-index="2">. Are you ready to join us?</span></strong></p></div>