2 Lateral Movement Jobs

Job Title: Lead Assistant Manager - Offensive Security (IC Role) We are looking for a skilled offensive security professional to take a leading role in executing and enhancing our offensive security operations. This is an individual contributor (IC) position, with Lead reflecting the expectation to drive engagements technically and operationally - not people management. The ideal candidate will have 3-5 years of hands-on experience in red teaming, adversary simulation, or penetration testing, with a solid understanding of attacker tradecraft and the ability to execute advanced offensive assessments. You will be responsible for planning, executing, and reporting on offensive engagements that accurately reflect real-world threats, working closely with internal teams to strengthen detection and response capabilities. Key Responsibilities: Lead offensive security engagements end-to-end - from scoping and planning to execution and reporting. Conduct red team and adversary emulation campaigns across infrastructure, applications, and cloud environments. Identify and exploit security gaps using realistic tactics, techniques, and procedures (TTPs) such as privilege escalation, lateral movement, and domain dominance. Participate in Purple Team exercises to enhance defensive detection and response. Maintain and improve offensive methodologies, tools, and playbooks. Deliver high-quality technical reports and concise executive summaries, clearly outlining attack paths, risks, and recommendations. Keep up to date with evolving attack techniques and integrate them into testing activities. Experience: 3-5 years of experience in red teaming, penetration testing, or other offensive security roles. Proven ability to execute and coordinate complex offensive security operations. Hands-on experience with enterprise environments, including Active Directory and cloud platforms. Technical Skills: Strong understanding of Windows and Linux internals, enterprise AD security, and common cloud attack surfaces. Proficiency in offensive techniques: lateral movement, domain escalation, Kerberoasting, delegation abuse, and token manipulation. Experience with C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic) and post-exploitation tradecraft. Familiarity with tools such as BloodHound, Mimikatz, Rubeus, Responder, SharpHound, and Burp Suite. Working knowledge of the MITRE ATT&CK framework. Scripting skills in PowerShell, Python, or Bash for automation and PoC development. Communication & Reporting: Strong technical documentation skills, translating offensive findings into clear, actionable reports. Ability to explain technical vulnerabilities and attack paths to both technical teams and leadership. Preferred Qualifications: Experience with Purple Team exercises. Familiarity with threat intelligence-led testing methodologies. Exposure to AppSec testing. Relevant certifications (e.g., OSCP, CRTO, CRTP, OSEP) are a plus.

Tower Research Capital, a leading quantitative trading firm established in 1998, has earned a stellar reputation for its high-performance platform and independent trading teams. With over 25 years of innovation, the firm is renowned for its ability to identify unique market opportunities. Home to exceptional systematic trading and engineering talent, Tower empowers portfolio managers to develop their teams and strategies independently, while benefiting from the advantages of being part of a large, global organization. Engineers at Tower excel in developing electronic trading infrastructure at a world-class level, tackling complex challenges in low-latency programming, FPGA technology, hardware acceleration, and machine learning. The firm's continuous investment in top engineering talent and cutting-edge technology ensures that its platform remains unparalleled in terms of functionality, scalability, and performance. Every employee at Tower contributes to its success. The Business Support teams play a crucial role in constructing and maintaining the platform that drives the firm's operations, combining market access, data, compute, and research infrastructure with risk management, compliance, and a range of business services. These teams enable the trading and engineering teams to achieve their best performance. At Tower, employees thrive in a stimulating, results-driven environment where highly intelligent and motivated colleagues inspire each other to reach their full potential. As a member of the Global Cybersecurity team, you will work to enhance the security posture and services by monitoring, identifying, and addressing security gaps and countermeasures. Location: Gurgaon, India Team: Global Security Operations Shift Timing: 6:00 AM IST 3:00 PM IST with rotational weekend support as part of 24x7 operations Responsibilities: - Monitoring alerts for potential security incidents and information requests, utilizing real-time channels, tools, dashboards, reports, chat sessions, and tickets. - Following incident-specific procedures to conduct basic triage of potential security incidents, determining their nature, priority, and eliminating false positives. - Investigating and validating alerts to identify scope, impact, and root cause using available telemetry and threat intelligence. - Escalating confirmed incidents with comprehensive evidence, impact assessment, and recommended containment/remediation actions. - Collaborating with stakeholders and third-party security service providers to triage alerts, events, or incidents. - Monitoring and analyzing Security Information and Event Management (SIEM) to identify security issues for remediation. - Developing detection content, correlation rules, and queries in SIEM platforms to enhance threat detection capabilities. - Contributing to incident response playbooks, runbooks, and process enhancements. - Participating in threat hunting activities, adversary emulation exercises, and purple teaming efforts. - Maintaining accurate documentation of investigations, incidents, and actions in ticketing systems. - Staying informed of the current threat landscape, attacker tactics, and vulnerabilities relevant to Tower's environment. - Interacting with customers/users in a professional and positive manner. Requirements: - Bachelor's Degree in Computer Science, Information Security, or Information Technology. - 3+ years of hands-on experience in a Security Operations Center (SOC) or threat detection/incident response role in a mid to large-scale organization. - Proven track record in performing triage of potential security incidents and experience with various technologies including SIEM, EDR/NDR/XDR, web proxies, vulnerability assessment tools, IDS/IPS, firewalls, and data leakage prevention. - Strong understanding of various operating systems, network protocols, malware behavior, attacker techniques, and common attack vectors. - Willingness to work in early shifts and provide round-the-clock support, including weekend shifts. Soft Skills & Work Traits: - Strong analytical, investigative, and troubleshooting skills. - Effective written and verbal communication skills, with the ability to simplify complex security issues. - Organized, detail-oriented, and capable of managing multiple priorities under pressure. - Passion for security, continuous learning, and operational excellence. - Comfortable working in a rotating shift model, including weekend support. - Strong desire to understand security incidents thoroughly. Benefits: - Tower's headquarters are located in the historic Equitable Building in NYC's Financial District, with a global impact and offices worldwide. - The firm fosters a culture where smart, driven individuals thrive in a collaborative environment without egos. - Benefits include generous paid time off, financial wellness tools, hybrid working opportunities, daily meals and snacks, wellness experiences, volunteer opportunities, social events, continuous learning opportunities, and more. At Tower, you will find a welcoming and collaborative culture, a diverse team, and a workplace that values both performance and enjoyment. Join a team of great people doing great work together. Tower Research Capital is an equal opportunity employer.,