Security Red Team Operator

Request Technology - Craig Johnson

Posted on Apr 1, 2024 by Request Technology - Craig Johnson
San Francisco, CA, 94101
IT
Immediate Start
Annual Salary
Contract/Project

*We are unable to sponsor for this 6+ Month Contract role*

Prestigious Fortune 500 Company is currently seeking a Security Red Team Operator. Candidate will take a structured approach to Red Team operations (ie, testing in lab environments, creating and operating according to runbooks and SOPs, writing detailed after-action reports, participating in daily operation syncs). This is currently a two-person team. As such, the candidate will need to be a highly motivated, self-sufficient, and capable of collaborating on a small team where consensus is a must for operations to be successful. This role will also be involved in our Tabletop Exercise planning and execution, and therefore, will need excellent written and oral communication skills when dealing with all levels of the organization, from executives to individual contributors.

The Red team is responsible for testing the overall strength of our organizations defenses (the technology, the processes, and the people) by simulating the objectives and actions of an attacker.

Responsibilities:

  • Perform internal and external penetration testing of network infrastructure and applications
  • Perform Red team assessments including physical, social engineering, and network exploitation
  • Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases
  • Perform network reconnaissance, OSINT, social engineering, and physical security reviews
  • Participate in regular exercises and perform adversary simulations to test defense controls
  • Assist with scoping prospective engagements, leading engagements from kickoff through remediation
  • Work closely with Blue team to test efficacy of existing alerts and help create new detection.
  • Create findings reports and communicate to stakeholders
  • Contribute to enhancing the teams toolkit
  • Write custom scripts to automate tasks related to finding new vulnerabilities
  • Maintain runbooks to continually improve penetration testing methodologies and threat modelling.

Qualifications:

  • 5+ years of experience in Penetration testing, Red Team and Purple Team
  • Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience
  • Advanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.)
  • Must have a demonstrable understanding of voice and data networks, major operating systems, Active Directory, cloud technologies
  • Must demonstrate knowledge of MITREs ATT&CK framework, execute and chain TTPs
  • Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Ability to optimally code in a Scripting language (Python, Bash, PowerShell, Perl, etc.)
  • OSCP

Reference: 2742027538

https://jobs.careeraddict.com/post/89550218

This Job Vacancy has Expired!

Request Technology - Craig Johnson

Security Red Team Operator

Request Technology - Craig Johnson

Posted on Apr 1, 2024 by Request Technology - Craig Johnson

San Francisco, CA, 94101
IT
Immediate Start
Annual Salary
Contract/Project

*We are unable to sponsor for this 6+ Month Contract role*

Prestigious Fortune 500 Company is currently seeking a Security Red Team Operator. Candidate will take a structured approach to Red Team operations (ie, testing in lab environments, creating and operating according to runbooks and SOPs, writing detailed after-action reports, participating in daily operation syncs). This is currently a two-person team. As such, the candidate will need to be a highly motivated, self-sufficient, and capable of collaborating on a small team where consensus is a must for operations to be successful. This role will also be involved in our Tabletop Exercise planning and execution, and therefore, will need excellent written and oral communication skills when dealing with all levels of the organization, from executives to individual contributors.

The Red team is responsible for testing the overall strength of our organizations defenses (the technology, the processes, and the people) by simulating the objectives and actions of an attacker.

Responsibilities:

  • Perform internal and external penetration testing of network infrastructure and applications
  • Perform Red team assessments including physical, social engineering, and network exploitation
  • Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases
  • Perform network reconnaissance, OSINT, social engineering, and physical security reviews
  • Participate in regular exercises and perform adversary simulations to test defense controls
  • Assist with scoping prospective engagements, leading engagements from kickoff through remediation
  • Work closely with Blue team to test efficacy of existing alerts and help create new detection.
  • Create findings reports and communicate to stakeholders
  • Contribute to enhancing the teams toolkit
  • Write custom scripts to automate tasks related to finding new vulnerabilities
  • Maintain runbooks to continually improve penetration testing methodologies and threat modelling.

Qualifications:

  • 5+ years of experience in Penetration testing, Red Team and Purple Team
  • Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience
  • Advanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.)
  • Must have a demonstrable understanding of voice and data networks, major operating systems, Active Directory, cloud technologies
  • Must demonstrate knowledge of MITREs ATT&CK framework, execute and chain TTPs
  • Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Ability to optimally code in a Scripting language (Python, Bash, PowerShell, Perl, etc.)
  • OSCP

Reference: 2742027538

CareerAddict

Alert me to jobs like this:

Amplify your job search:

CV/résumé help

Increase interview chances with our downloads and specialist services.

CV Help

Expert career advice

Increase interview chances with our downloads and specialist services.

Visit Blog

Job compatibility

Increase interview chances with our downloads and specialist services.

Start Test