Commit 117b29f0 authored by charlie ablett

Update 6 files

- /content/handbook/security/security-operations/red-team/_index.md
- /content/handbook/security/security-operations/red-team/opportunistic-attacks/_index.md
- /content/handbook/security/security-operations/red-team/how-we-operate/_index.md
- /content/handbook/security/security-operations/red-team/research.md
- /content/handbook/security/security-operations/red-team/stealth-operations.md
- /content/job-families/security/red-team.md
parent ec506dc9
1 merge request: !11387 Red Team Handbook rewrite
This commit is part of merge request !11387. Comments created here will be created in the context of that merge request.
......@@ -100,7 +100,7 @@ We also track results via metrics which are available internally, including MITR
The goal of a Red Team operation is often to test our policies and procedures when reacting to an actual threat. This includes identifying suspicious activity and following the appropriate runbook to investigate and respond to that threat.
If any team member, at any time, could simply ask *"Hey, this looks suspicious. Is this our Red Team?"* then this opportunity would be lost. **Instead, all suspicious activity should be treated as potentially malicious and acted upon accordingly**.
If any team member, at any time, could simply ask _"Hey, this looks suspicious. Is this our Red Team?"_ then this opportunity would be lost. **Instead, all suspicious activity should be treated as potentially malicious and acted upon accordingly**.
We have private Slack channels in place where designated team members can ask the Red Team if a certain activity belongs to them. This helps us to provide realistic opportunities to practice detection and response without escalating too far. For example, we would not want an emulated attack to affect production operations or escalate to third parties.
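Review bot: Only the emphasis delimiter changes here (`*` to `_`), so there is no content concern with the edit itself. One documentation gap in the unchanged context: the paragraph says "designated team members" may ask the Red Team in private Slack channels, but does not say who those members are or link to where that is defined, so a reader cannot tell whether the "Is this our Red Team?" path applies to them or whether they must treat the activity as malicious. Consider linking the role definition from this paragraph.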
......@@ -110,7 +110,7 @@ You can read more about this process in the ["Requests for Disclosure" section](
### How the Red Team will respond to this question
If the Red Team is ever asked *"Is this you?"* by someone other than the designated team members mentioned above, they will respond with the following text:
If the Red Team is ever asked _"Is this you?"_ by someone other than the designated team members mentioned above, they will respond with the following text:
> Thanks for your vigilance! Any suspicious activity should be treated as potentially malicious. If you'd like to contact security, you can follow the process [here](../engaging-security-on-call).
>
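Review bot: The canned response links to the security on-call process with a relative path, `[here](../engaging-security-on-call)`. This MR moves and renames pages under `red-team/`, so check that the relative link still resolves from the index page's final location; an absolute handbook path, like the `/handbook/security/security-operations/sirt/` form used in the job-family page in this same commit, would not break on a move. Descriptive link text instead of "here" would also help.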
......
......@@ -2,7 +2,7 @@
title: "How the Red Team Operates"
---
# How the Red Team operates
## Rules of Engagement
- [rules of engagement](rules-of-engagement.md)
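Review bot: Replacing the `## Rules of Engagement` heading with a lone bullet leaves `# How the Red Team operates` followed directly by a one-item list with no introductory sentence, which reads as a stub. Either keep a short lead-in above the link or restore the subheading. Separately, this link carries a `.md` suffix (`rules-of-engagement.md`) while the stealth-operations page in this commit links to the same document as `rules-of-engagement#stealth-operations`; pick one form so all links to that page resolve the same way.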
......
......@@ -2,10 +2,8 @@
title: Opportunistic Attacks
---
# Opportunistic Attacks
Short operations that allow us to explore intial access vectors we come across.
## Club Red
Club Red is our programme that allows GitLab team members to help us discover and develop initial access vectors and optionally, collaborate with us to carry them out.
\ No newline at end of file
Club Red is our programme that allows GitLab team members to help us discover and develop initial access vectors and optionally, collaborate with us to carry them out.
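Review bot: Typo in the unchanged context line: `intial access vectors` should read `initial access vectors`; since the file is already being touched for the trailing newline, fix it here. The Club Red paragraph also says team members help "discover and develop initial access vectors" without saying how to take part or which rules apply; a link to where participation and the applicable rules of engagement are described would make the page actionable.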
......@@ -2,6 +2,4 @@
title: "Red Team Research"
---
# Research
Link to blogs etc.
\ No newline at end of file
Link to blogs etc.
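Review bot: `Link to blogs etc.` is placeholder text, and this hunk only adds the trailing newline, so the Research page would be published as a stub. Either fill in the actual links before merging or mark the page as not ready (for example in the front matter) so it is not rendered as-is.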
---
title: "Stealth Operations"
title: "Red Team Stealth Operations"
---
# Red Team Stealth Operations
Stealth operations is our most significant offering, providing GitLab an opportunity to practice responding to real-world attacks.
## Who is involved?
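Review bot: The front-matter title now matches the H1 (`Red Team Stealth Operations`), which is the right fix; the same alignment is missing on the Research page in this commit, whose front matter says `Red Team Research` while the H1 is `# Research`. Apply the same change there for consistency.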
......@@ -18,4 +16,4 @@ Stealth operations can vary in format and length. Some follow a more defined cyc
All our stealth operations emulate threats most likely to target GitLab, our platform, and our customers. This focused approach sharpens our defenses and keeps us ahead of potential attacks.
Stealth operations require [special rules](red-team-roe#stealth-operations). Examples of techniques we may use and those we will specifically avoid can be found in [Stealth Operation Techniques](red-team-roe#stealth-operation-techniques).
Stealth operations require [special rules](rules-of-engagement#stealth-operations). Examples of techniques we may use and those we will specifically avoid can be found in [Stealth Operation Techniques](rules-of-engagement#stealth-operation-techniques).
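Review bot: The retargeted links assume `rules-of-engagement` has headings that produce the anchors `#stealth-operations` and `#stealth-operation-techniques`. That file is not in this commit's file list, so confirm those headings exist there (and not only on the old `red-team-roe` page); otherwise both links silently land at the top of the page.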
......@@ -16,7 +16,7 @@ Our Red Team works **together** with our Blue Team. Even when planning attacks,
## Responsibilities
- Maintain a deep understanding of GitLab's product offerings, how they work, and how they could be attacked or abused
- Propose, plan, and execute [Red Team operations](/handbook/security/security-operations/red-team/#what-the-red-team-does) based on realistic threats to the organization
- Propose, plan, and execute [Red Team operations](/handbook/security/security-operations/red-team/#services-we-offer) based on realistic threats to the organization
- Automate attack techniques, creating custom tooling for specific operations and contributing to general-purpose open source tools
- Write detailed reports covering the goals and outcomes of Red Team operations, including significant observations and recommendations
- Collaborate with GitLab's [Security Incident Response Team (SIRT)](/handbook/security/security-operations/sirt/) to improve detection and response capabilities
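Review bot: The anchor changes from `#what-the-red-team-does` to `#services-we-offer`, but the index page hunk included in this commit does not show a "Services we offer" heading, so confirm that heading exists on `/handbook/security/security-operations/red-team/` with that exact slug. Links to renamed headings fail silently, so a link check on the rendered page is worth doing before merge.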
......