26Tim MalcomVetter

“Some really smart penetration testers I know would probably get bored if they realized how much tedious recon and planning goes into a red team campaign.”

Closeup image of "Tim MalcomVetter," who leads red team program at the world’s largest company.

Twitter: @malcomvetter

Hi! My name is Tim MalcomVetter. I started using, building, and breaking computers in the 1980s as a kid and started getting paid for it in 2000. Along the way, I’ve:

  • Consulted with Fortune 500s
  • Hacked mainframe sockets to web APIs, fuel pumps to mobile apps
  • Led e-commerce dev teams
  • Deployed enterprise security solutions
  • Made plenty of mistakes

Currently, I’m quite fortunate to run a great red team program at the world’s largest company, simulating adversaries across five continents with fantastic teammates I’ve been able to recruit/retain (hobby and career aligned)!

How did you get your start on a red team?

Right place, right time, right skills, right attitude. I like to think that red teaming really pulls in all the skills I’ve learned from every job I’ve ever had—in security or otherwise. I don’t think I can downplay any past experiences as not playing a role in my ability to get my career where it is—including part-time retail jobs in high school and college. I’m the sum of those experiences.

I also have to acknowledge how being a trusted advisor to an important client was a major contributing factor in my career. I was in the right position to help an organization grow ...

Get Tribe of Hackers Red Team now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.