3 months ago
Senior Red Team Operator (Full-Remote)
You must be a U.S. Citizen or Permanent Resident in order to qualify.
The Senior Red Team operator will lead Red Team engagements, these engagements will be performed using manual exploitations. The real focus is on hands-on testing and modern up-to-date tradecraft.
The position plays a critical role within their senior leadership team, where you would maintain a high level of communication with upper management, offering a tremendous opportunity for internal growth and management
- Assists in the development of strategic plans.
- Understands and can explain to others the core processes, risks, and mitigation techniques for designated areas.
- Helps determine business priorities and best sequence for execution of business/group strategy.
- Breaks down strategic problems, and analyses data and information to provide insights and recommendations.
- Builds credibility and influences/negotiates effectively to drive business performance through the development and delivery of information security solutions.
- Tracks metrics and milestones, providing recommendations for resolution and escalating as appropriate when issues arise.
- 2+ years in previous Red team positions or cyber threat-actor simulation roles
- Strong experience with Windows and Linux based platforms, applications, and TCP/IP network security technologies
- Strong technical knowledge of multifaceted exploits and chained attacks.
- Demonstrated ability to execute attack emulations without detection.
- Strong experience with information security concepts, principles, and components of a comprehensive information security program
- Strong experience with application security concepts including common application security issues such as OWASP Top 10
- Strong, demonstrable aptitude for and interest in offensive and application security.
- Strong understanding of vulnerability exploitation and an aptitude for identifying weaknesses in controls and infrastructure.
- In-depth understanding and experience with detection and response evasion techniques.
- Experience with Threat intelligence activities and understanding threat actors
- Knowledge with MITRE ATT&CK framework
- Experience in information security concepts and methodology.
- Knowledge of business analysis, project delivery practices, and standards across the project lifecycle - In-depth.