Job Description

Locations

• ALEXANDRIA, US, India (Remote)

Salary

Skills Required

• MITRE ATT&CK™intermediate
• Exploits and payloads developmentintermediate
• Scripting and tool developmentintermediate
• Active Directoryintermediate
• Software Developmentintermediate
• Cloud Infrastructureintermediate
• EDR detection capabilities (e.g., Carbon Black, Crowdstrike)intermediate
• Analytical skillsintermediate
• Problem-solving skillsintermediate
• Interpersonal skillsintermediate
• Organizational skillsintermediate
• Communication skillsintermediate
• Time management skillsintermediate

Required Qualifications

• 3+ years of red teaming experience in a dedicated red team role (experience)
• 5+ years of system administration, network administration, or programming experience (experience)
• Ability to develop/modify exploits and payloads to avoid defensive countermeasures (experience)
• Understanding of real-world adversary operations methodologies, tactics, techniques, and procedures, with the ability to apply frameworks like MITRE ATT&CK™ (experience)
• Demonstrated history of published exploitation research (experience)
• Strong analytical and problem-solving skills (experience)
• Good interpersonal, organizational, communications, and time management skills (experience)
• Experience coordinating security testing projects with multiple consultants (experience)

Preferred Qualifications

• History of presenting at security conferences (experience)
• Track record in vulnerability research and CVE assignments (experience)
• Knowledge of EDR detection capabilities such as Carbon Black/Crowdstrike, etc. and associated evasion techniques for behavioral based alerting (experience)
• Demonstrated exploit, payload, or attack framework development experience (experience)
• Expert level skills in one of the following: Active Directory, Software Development, or Cloud Infrastructure (experience)
• Relevant certifications from organizations like Offensive Security (OSCP/OSCE), SANS (GPEN, GXPN, GWAPT), or CREST CSAT/CSAM or demonstrable equivalent skills (experience)

Responsibilities

• Manage full adversary simulation engagements from conception to report delivery
• Communicate effectively with team members and clients during the engagement
• Keep current with the latest offensive security techniques
• Perform adversary simulation of real-world adversary Tactics, Techniques, and Procedures (TTPs) by leveraging frameworks such as MITRE ATT&CK™ and other sources of information
• Develop payloads, scripts and tools that weaponize new concepts for exploitation, evasion, and lateral movement
• Engage in active evasion of defenders to avoid detection and progress engagements
• Coordinate with other Red Team operators to achieve the specified goals
• Deliver reporting and debriefs to defenders in a manner that improves detection and response capabilities
• Perform/present technical security research

Benefits

• general: Opportunity to learn and develop career
• general: Encouragement to be courageous and experiment daily
• general: Continuous trust and support in an inclusive environment
• general: Growth-minded culture with emphasis on curiosity and feedback
• general: Team-focused approach to drive exceptional outcomes
• general: Commitment to being a responsible technology innovator and a force for good

Tags & Categories