Red Team Lead Software Engineer Ii Lead Talent500 Years T867
01: Red Team - Lead
Resource should understand concepts such as networking, applications, and operating system functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. A typical job could be breaking into a segmented secure zone , reverse engineering an application, infra, cloud and encryption method in order to gain access to the targeted systems.
Qualifications:
Bachelor\'s degree in Computer Science, Information Technology, Cyber Security, or related discipline or equivalent experience.
8 + Years of IT professional experience, with 6 + years Information Security experience, with previous as a red team member.
Requirements:
Define scope, objectives, and timelines for executing red team assessments and leverage data to create useful metrics.
experience in developing red team end to end operational frameworks and standards.
Conduct and manage red team assessments against a diverse cloud environment and find vulnerabilities in software, systems, networks and infrastructure to accomplish Red Team goals.
experience in performing network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments.
An in-depth level of knowledge of Windows exploitation and Active Directory.
Knowledge in finding and exploiting bugs and misconfigurations in: AWS, GCP, and Azure.
experience in working with Breach and Attack Simulation (BAS) tools such as AttackIQ, Safe Breach etc,
Perform simulated security testing against corporate web applications, networks and infrastructure (Windows, *nix, cloud)
Deep understanding of attack surfaces, including hands-on experience with various Cybersecurity technologies and standards (MITRE ATT and CK framework)
Ability to effectively present and communicate security threats and risks to any audience with the mitigation techniques and strategies.
Recognized as a go to person by teams including Incident Response, Security Operations, Vulnerability Management, and Penetration testing teams.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
Possess a solid understanding of the Linux or Unix family of OS and their underlying components/ Networking basics.
Hands-on experience in scripting e.g. Korn Shell, Python/Perl/Ruby/Go.
Strong interpersonal skills with the ability to communicate and work effectively across the organization.
Security Certifications - OSCP, GPEN, GXPN, OSCE or similar certifications.
Preferred to have a published CVE, Github projects, bug bounty profiles, hackthebox profile, or similar.