Job Title : Lead Engineer – Red Team Location : BengaluruRoles and Responsibilities: Lead penetration tests against core client infrastructure and applications in multiple areas. Produce high quality reporting deliverables to other teams and senior management. Proactive and self-driven to research and create/deliver new assessments. Research new vulnerabilities and assist in identifying their impact on client. Write custom tools to assist in making assessments more efficient. Red/Purple Team engagements: o Research modern APTs/TTPs – support Threat Hunting with designing/implementing emulations. o Deepen knowledge on all aspects of MITRE ATT&CK and Cyber Kill Chain. o Work on developing Red Team skillset: ▪ C2 infrastructure setup ▪ Advanced Phishing setup ▪ Payload development and testingDelivery Expectations: Ability to perform solo penetration tests in four areas to a high standard – two core and two additional. Testing proficiency should be of a high standard to ensure solid coverage of risks. A mature level of reporting/presentation is expected with well researched remedial advice for all findings. Ability to aid in the design and execution of a Red Team engagement following a lead. Ability to deliver a Red Team narrative-based report to a good standardSkill Areas: Advanced competence in at least two core assessment areas from the following: Web/API External Network Internal Network AWSAdditional competence in performing an assessment in at least two of the following: Azure AD Assessment IAM & SSO Services Assessment Zero Trust Assessment Linux Assessment Mac Assessment Windows AssessmentFundamental understanding of the following with respect to Red Team engagements: Methodology - Cyber Kill Chain MITRE Framework (ATPs/TTPs/IOCs)Competence in at least one Red Team related skill from the following: Active Directory C2 Setup/Management Payload Dev - EDR/DLP Bypass Payload Delivery Lateral Movement Phishing Stealth/Operational SecurityCertifications (Preferred): At least one of the following is preferred: Network related: OSCP or similar. Web related: eWPTX or similar. AWS related.Experience: Penetration tester with 2-3 years of assessment experience. Beginner Red Team experience having delivered at least a couple of engagements following an experienced lead.Education: More emphasis is placed on practical experience and professional certifications at this level.
Job Title
Cyber Security Engineer