Ridge Security, a provider of automated security validation solutions, has recently unveiled RidgeBot 7.0—a major update that brings automated Active Directory (AD) penetration testing to its platform. With this launch, the company is actively expanding its technical workforce to support the deployment, enhancement, and customer success of the new capabilities. This role offers a unique opportunity for security professionals to work at the intersection of offensive security automation and enterprise risk management, helping organizations proactively identify and close exploitable attack paths in their Windows environments.
About the Role
The position is designed for a Security Validation Engineer who will focus on the RidgeBot 7.0 platform, delivering automated AD attack simulations to enterprise clients. In this role, the engineer will design, execute, and refine penetration testing scenarios that mirror real-world attacker techniques—including enumeration, credential extraction, lateral movement, and Domain Admin compromise. The role requires a deep understanding of Active Directory security, combined with the ability to interpret automated findings and guide remediation priorities. Candidates should expect to collaborate with internal R&D, sales engineering, and external security teams to maximize the platform’s impact.
Key Responsibilities
- Deploy and configure RidgeBot 7.0 for automated security validation engagements in customer environments, with a focus on Active Directory attack path analysis.
- Design end-to-end domain compromise simulations, covering reconnaissance, privilege escalation, lateral movement, and domain dominance techniques.
- Analyze scan results to identify high-risk attack chains, misconfigurations, and exploitable vulnerabilities; provide clear, actionable reports to stakeholders.
- Work closely with the product development team to validate new attack scenarios, suggest improvements, and test detection-evasion features.
- Assist pre-sales and customer success teams by delivering technical demos and proof-of-concept trials that highlight RidgeBot’s AD testing capabilities.
- Stay current with emerging Active Directory attack research, tools (e.g., BloodHound, Mimikatz, CrackMapExec), and MITRE ATT&CK tactics to continuously update internal playbooks.
- Contribute to thought leadership by publishing internal case studies, blog posts, or whitepapers on automated offensive security validation.
Requirements
- 3+ years of hands-on experience in penetration testing, red teaming, or security validation, with a strong emphasis on Active Directory environments.
- Proficiency in common AD attack tools and techniques, including Kerberoasting, AS-REP roasting, DCSync, Pass-the-Hash/Ticket, and trust attacks.
- Familiarity with security automation platforms, scripting (PowerShell, Python), and integration with SIEM/SOAR pipelines is a plus.
- Solid understanding of Windows internals, authentication protocols (NTLM, Kerberos), and Group Policy security.
- Relevant certifications such as OSCP, OSCE, GPEN, or CRTP are highly regarded.
- Excellent communication skills—able to translate complex technical findings for both executive and technical audiences.
Compensation & Benefits
- Competitive base salary and performance-based bonus structure.
- Comprehensive health, dental, and vision insurance plans.
- Flexible remote work policy—employees can work from anywhere in the United States.
- Annual budget for professional development, certifications, and conference attendance.
- Home office stipend and latest hardware provided.
- Collaborative, research-driven culture with regular internal labs and knowledge-sharing sessions.
- Equity or stock options available for senior-level candidates.
How to Apply
Interested candidates can submit their application via the Apply Now button on this page, which will redirect to the official job listing. Full details about the role and application procedures are available there.