Cyber Purple Team Operator

Northern Trust

Chicago, IL · Tempe, AZ · Posted 3 days ago · $99,600–$169,200 / year

Market check

Salary context

Below market

How this pay compares to similar roles

[Chart: pay comparison. This role $134k; similar roles $183k; axis from $85k to $234k, with a shaded band where most similar roles pay.]

This role pays less than 88% of similar roles. Most pay $151,106–$214,500 — the shaded band above. At the midpoint, this role pays about $134k versus about $183k for comparable roles.

Based on 240 similar postings.

Employer

About Northern Trust

Northern Trust is a leading provider of wealth management, asset servicing, asset management, and banking services to corporations, institutions, and high-net-worth individuals.

Industry: Financial Services & Asset Management

Northern Trust currently has 23 open roles on FindRole.

Listed pay typically runs $137,400–$233,600 across 21 roles with salary data.

At a glance

TL;DR

The Purple Team Operator will join Northern Trust’s cybersecurity team as an advanced threat analyst, responsible for planning and executing sophisticated adversary simulations to identify vulnerabilities in the organization's defenses. This role involves developing intelligence-led exercises to assess exposure to emerging cyber threats, providing actionable recommendations to enhance detection capabilities and incident response strategies. Daily tasks include translating technical insights into risk metrics for executive stakeholders, maintaining custom tools, and improving log ingestion processes. The ideal candidate has 3+ years of experience in cybersecurity with expertise in the MITRE ATT&CK framework, proficiency in Python or PowerShell scripting, and hands-on knowledge of offensive security tools like Cobalt Strike and Metasploit. Experience with cloud environments such as Azure and AWS is essential, along with a deep understanding of SIEM solutions and network protocols.

What you'll do

  • Perform intelligence-led adversary simulation exercises to assess security gaps.
  • Provide actionable recommendations for improving detection and incident response.
  • Continuously develop custom tools and scripts to support adversary simulations.
  • Translate technical findings into risk metrics for executive stakeholders.
  • Identify and evaluate existing security controls to enhance the bank’s posture.
  • Lead post-exploitation reviews to ensure effective remediation efforts.

What we're looking for

  • 3+ years of hands-on experience in cybersecurity roles like purple teaming.
  • Deep understanding of MITRE ATT&CK framework and offensive security tools.
  • Proficiency in coding/scripting languages such as Python, PowerShell, Bash.
  • Strong knowledge of SIEM, IDS/IPS, EDR solutions, and cloud environments.
  • Ability to develop custom tools/scripts for adversary simulations and analysis.
  • Experience using AI APIs to automate tasks or analyze large datasets.
  • Understanding of networking concepts including OSI model, TCP/IP, DNS, TLS.
