Cyber Security Expert (Red/Blue Team) at Mercor

Cyber Security Expert (Red/Blue Team) | $85–95/hr | Worldwide Remote

Mercor is recruiting senior cybersecurity professionals on behalf of a cutting-edge AI research lab. In this role, you will apply deep offensive and defensive security expertise to evaluate and improve AI models built for threat detection, incident response, and attack simulation. This is a high-impact, flexible remote engagement ideal for experienced practitioners from enterprise, consulting, or high-security environments.

Key Responsibilities

• Investigate and analyse real or simulated security incidents including phishing, lateral movement, ransomware, and privilege escalation.
• Review logs and telemetry from SIEM, EDR/XDR, firewall, cloud, and identity systems.
• Apply MITRE ATT&CK to classify adversary behavior and evaluate detection rules.
• Assess AI-generated investigations for technical correctness and operational realism.

• Analyse full attack chains: initial access, persistence, privilege escalation, lateral movement, and exfiltration.
• Simulate adversarial thinking to identify detection gaps and bypass techniques.
• Review exploit techniques, payload behaviors, and evasion strategies.
• Stress-test AI systems against realistic red-team scenarios.

• Provide structured reasoning explaining investigative and adversarial decisions.
• Identify weaknesses in AI threat analysis and recommend improvements.
• Help refine benchmarks for detection, triage, and attack simulation accuracy.

Requirements

• 5+ years in cybersecurity in roles such as SOC Analyst (L2/L3), Incident Responder, Detection Engineer, Threat Hunter, Red Team Operator, Penetration Tester, or Security Consultant.
• Hands-on experience with real-world security incidents.

• SIEM platforms: Splunk, Sentinel, QRadar, Elastic
• EDR/XDR tools: CrowdStrike, Defender, Carbon Black
• Log analysis, event correlation, and network traffic analysis (Wireshark, Zeek, tcpdump)
• Cloud security, IAM investigation, and MITRE ATT&CK mapping

• Penetration testing methodologies and adversary emulation
• Exploitation frameworks: Metasploit, Cobalt Strike, or equivalents
• Privilege escalation, lateral movement, evasion, and obfuscation techniques
• Active Directory attacks, phishing frameworks, and payload development (a plus)

Preferred Qualifications

• Certifications: OSCP, OSEP, CRTO (Red Team) | GCIA, GCFA, GCIH (Blue Team) | CISSP
• Scripting proficiency in Python, PowerShell, or Bash
• Experience mentoring junior analysts or red team members

Why Join

• Contribute to next-generation AI systems for cybersecurity
• Work at the intersection of offensive and defensive security research
• Shape how AI reasons about real-world cyber threats
• Flexible engagement suited for senior practitioners
• Collaborate with leading AI researchers and security experts