Must Have skills:
Cybersecurity
Red teaming
penetration testing
penetration testing tools and frameworks (e.g., Metasploit, Cobalt Strike, Burp Suite, etc.).
scripting
Detailed Job Description
Job Description:
We are seeking a highly skilled and motivated Red Teaming Expert to join our cybersecurity team. The ideal candidate will be responsible for identifying, testing, and mitigating security vulnerabilities within our infrastructure, applications, and processes. This role demands a deep understanding of offensive security practices, advanced penetration testing skills, and the ability to simulate sophisticated attack scenarios to uncover weaknesses. As a Red Teaming Expert, you will work closely with other security and IT teams to strengthen our defenses and ensure a proactive security posture.
Key Responsibilities:
Simulate Advanced Threats:
Design and execute advanced attack scenarios, including network intrusions, web application attacks, phishing campaigns, and other real-world threat simulations.
Assess security risks in existing systems, applications, and processes by employing advanced attack techniques.
Conduct Full-Scope Red Team Exercises:
Lead and perform red team engagements across multiple vectors (network, physical, social engineering, etc.) to identify potential security weaknesses.
Collaborate with blue teams to simulate and evaluate threat detection and response capabilities.
Vulnerability and Exploitation Analysis:
Identify, exploit, and document vulnerabilities within various environments (cloud, on-premises, hybrid).
Assess and analyze discovered vulnerabilities to gauge their potential impact and provide actionable remediation guidance.
Incident Simulation and Response Testing:
Simulate data breaches and other security incidents to test the organization’s response and resilience.
Help improve incident response processes by providing insights on red team findings and collaborating with incident response teams.
Reporting and Communication:
Prepare detailed, well-documented reports outlining findings, attack methods, and recommended mitigation strategies.
Communicate findings to technical and non-technical stakeholders, including executive summaries for senior management.
Stay Current with Evolving Threat Landscape:
Continuously research and stay updated on the latest hacking techniques, tools, and industry best practices.
Leverage industry insights to develop new red teaming techniques and improve existing methodologies.
Training and Knowledge Sharing:
Mentor junior security team members and provide hands-on training in red teaming tactics.
Share red team insights and foster a security-conscious culture within the organization.
Required Skills and Qualifications:
Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience).
5+ years of experience in cybersecurity, with a focus on red teaming, penetration testing, or offensive security.
In-depth knowledge of advanced penetration testing tools and frameworks (e.g., Metasploit, Cobalt Strike, Burp Suite, etc.).
Strong understanding of network protocols, operating systems, web applications, and cloud environments.
Proficiency in scripting languages (Python, PowerShell, Bash) and an understanding of automation techniques.
Familiarity with MITRE ATT&CK Framework and various threat modeling methodologies.
Certifications such as OSCP, OSCE, CRTO, GPEN, or equivalent are highly preferred.
Excellent written and verbal communication skills, with the ability to present technical information to a non-technical audience.
Preferred Qualifications:
Experience with physical security and social engineering testing.
Hands-on experience with threat hunting, forensics, and malware analysis.