Job Title

Purple Teaming Specialist Your career at Deutsche Börse Group: The Group Security department directly contributes to execution of the Deutsche Börse Group information security strategy. As a central service provider for the Group entities, Group Security is responsible to protect information assets in terms of safety, integrity, confidentiality, authenticity, and availability by enforcing information security controls based on the relevant regulatory requirements and follows the international standard ISO/IEC 27000-series on the Information Security Management System. Your area of work: Cyber Defense Framework team operates in strict cooperation with CERT, SOC, Threat Intelligence and Cyber Analytics teams (responsible for SIEM use case implementation). Cyber Defense Framework team is responsible for a wide range of essential tasks, including defining comprehensive requirements, setting strategic goals, and conducting maturity evaluations to enhance our threat detection capabilities. This includes Roadmap definition, Purple Teaming, Internal Red Teaming, Threat Modeling and Threat Management structured against MITRE. We are looking for a Security Engineer (Offensive Security) to enhance our efforts in Purple Teaming, Internal Red Teaming and Threat Modeling. The ideal candidate will have a deep understanding of attack scenarios and a strong background in leveraging real-world cyber attacks in a secure matter. You will work closely with security teams to analyse attack trends, emulate cybersecurity attacks and optimize monitoring rules. Your responsibilities: Assess the organizations security posture against evolving threats and propose enhancements Drive further improvements for breach and attack simulation efforts Understand threat scenarios and threat actor approach to perform red team/penetration testing exercises and suggest remediations and support closures Threat actor profiling and understanding operations of threat actors Transpose defensive strategies and relevant threat hunting from threat actors attack approach Understand how external attacks happen and support remediation of external threats Develop and refine detection use cases based on MITRE ATT&CK and real-world attack scenarios Collaborate with Red and Blue Teams to continuously refine detection and response strategies Your profile: Previous experience in a penetration testing or red team role is considered a strong asset as well as involvement in threat detection investigations Solid IT Security technical background and broad knowledge of IT and Information Security technologies especially in the frame of threat detection and security monitoring (e.g. SIEM, EDR, Cloud Security) Solid understanding of cyber threats and appropriate detection measures Familiar with threat-informed cyber defense, esp. using MITRE ATT&CK framework Deliverable-oriented, with strong problem-solving skills and adaptation on complex and highly regulated environment Team player willing to cooperate with multiple colleagues across office locations Good report-writing skills to present the results of an attack simulation Scripting skills (e.g. Python, Bash, Perl) is considered a strong asset Technical certification in the area of Red Teaming/Penetration Testing/Purple Teaming or Threat Hunting (e.g. GIAC, OSCP, CEH, etc.) are considered as a strong asset. Familiarity with cloud security and performing security assessments in GCP, Azure, and AWS. Proficiency in written and spoken English; French/German language skills will be an asset