Red Team Lead Software Engineer Ii Lead Fortune 100 Leading Giant Years T872
01: Red Team - Lead
Resource should understand concepts such as networking, applications, and operating system functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. A typical job could be breaking into a segmented secure zone , reverse engineering an application, infra, cloud and encryption method in order to gain access to the targeted systems.
Qualifications:
Bachelor\'s degree in Computer Science, Information Technology, Cyber Security, or related discipline or equivalent experience.
8 + Years of IT professional experience, with 6 + years Information Security experience, with previous as a red team member.
Requirements:
• Define scope, objectives, and timelines for executing red team assessments and leverage data to create useful metrics.
• experience in developing red team end to end operational frameworks and standards.
• Conduct and manage red team assessments against a diverse cloud environment and find vulnerabilities in software, systems, networks and infrastructure to accomplish Red Team goals.
• experience in performing network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments.
• An in-depth level of knowledge of Windows exploitation and Active Directory.
• Knowledge in finding and exploiting bugs and misconfigurations in: AWS, GCP, and Azure.
• experience in working with Breach and Attack Simulation (BAS) tools such as AttackIQ, Safe Breach etc,
• Perform simulated security testing against corporate web applications, networks and infrastructure (Windows, *nix, cloud)
• Deep understanding of attack surfaces, including hands-on experience with various Cybersecurity technologies and standards (MITRE ATT and CK framework)
• Ability to effectively present and communicate security threats and risks to any audience with the mitigation techniques and strategies.
• Recognized as a go to person by teams including Incident Response, Security Operations, Vulnerability Management, and Penetration testing teams.
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
• Possess a solid understanding of the Linux or Unix family of OS and their underlying components/ Networking basics.
• Hands-on experience in scripting e.g. Korn Shell, Python/Perl/Ruby/Go.
• Strong interpersonal skills with the ability to communicate and work effectively across the organization.
• Security Certifications - OSCP, GPEN, GXPN, OSCE or similar certifications.
• Preferred to have a published CVE, Github projects, bug bounty profiles, hackthebox profile, or similar.