Sr. Cyber Security - Red Teamer

7 years

12 - 22 Lacs

Posted: 4 days ago | Platform: LinkedIn

Work Mode

On-site

Job Type

Full Time

Job Description

This role is for one of Weekday's clients

Salary range: Rs 1200000 - Rs 2200000 (i.e. INR 12-22 LPA)

Min Experience: 7 years

Location: Hyderabad, Telangana

JobType: full-time

Requirements

About the role

  • A minimum of 08-10 years of experience in Information Security, with at least 05-06 years in a senior Offensive Security role, preferably within the financial or banking sector
  • Hands-on experience in conducting covert security assessments, including physical, network, application, and social engineering scenarios
  • Proficiency in exploiting vulnerabilities, bypassing security controls, lateral movement, privilege escalation, and exfiltration techniques
  • Strong understanding of operating systems, networking protocols, cloud platforms, and web applications
  • Analytical thinking, creativity, and adaptability in dynamic attack scenarios
  • Excellent communication skills to explain technical findings to non-technical audiences and work effectively within multi-disciplinary teams
  • Should have experience performing Web Application, API (REST & GraphQL), Infrastructure, and Mobile Application (Android & iOS) Security Assessments
  • Regular risk assessment: identifying and prioritizing protection resources for key assets in danger of exploitation
  • Strengthening techniques: making the organization's security stronger by knowing how to fix vulnerability weaknesses
  • Experience with monitoring and detection systems, using packet sniffing devices, SIEM systems, IDS, IPS, etc.
  • Threat Detection and Threat Hunting: Monitoring of indicators of compromise (IOCs) using SIEMs or EDRs and active threat search with SIEMs or EDRs
  • Forensic analysis: investigating and evaluating the impact and scale of a security incident
  • Early threat detection: analyzing CVEs and 0-day vulnerabilities; the team will deploy decoys (deception)
  • Excellent written and oral communication and presentation skills
  • Advanced Attack Simulations: Develop complex and realistic attack scenarios that mimic Advanced Persistent Threats (APTs) and other sophisticated tactics to test the resilience of security measures
  • Comprehensive Penetration Testing: Implement in-depth penetration testing modules that allow users to practice finding and exploiting vulnerabilities within a controlled environment
  • Operational Security (OpSec) Training: Create training modules focused on OpSec, teaching users how to avoid detection and maintain stealth during Red Team operations
  • Custom Exploits and Payloads: Develop and deploy custom exploits and payloads that can be used to test specific system vulnerabilities
  • Incident Response Testing: Simulate breaches to test and improve the incident response procedures of organizations, ensuring they can swiftly and effectively handle real-world attacks
  • Adversary Emulation Plans: Develop detailed adversary emulation plans that mirror the techniques, tactics, and procedures (TTPs) of known threat actors to provide a realistic training experience
  • Continuous Learning and Adaptation: Implement a system for continuously updating the platform with new tactics and vulnerabilities as they emerge, ensuring Red Team exercises remain relevant and challenging.

Core Deliverables

  • Advanced Penetration Testing: Conduct thorough penetration tests on simulated environments to identify and exploit vulnerabilities
  • Red Team Operations: Design, plan, and execute sophisticated red team exercises to assess organizational readiness against cyber threats
  • Threat Emulation: Develop and deploy threat emulation scenarios that mimic real-world adversaries' tactics, techniques, and procedures (TTPs)
  • Incident Response Simulation: Create and execute realistic incident response scenarios to test and enhance the response capabilities of blue teams
  • Continuous Red Team Training: Train and mentor junior red team members and other IT staff on the latest security threats and tactics
  • Oversee the execution of automated vulnerability assessments
  • Be responsible for and actively participate in meetings to discuss assessment scope, requirements, deliverables, and client expectations
  • Responsible for authoring and presenting assessment reports to clients to discuss security findings and recommendations
  • Conduct simulated attacks on the organization's computer systems or physical locations
  • Identify and exploit vulnerabilities, weaknesses, and gaps in the security systems and policies
  • Report findings and recommendations to the organization
  • Provide feedback and training to the blue team
  • Stay updated on the latest trends and developments in the security field
  • Plan and initiate Red Team activities based on realistic threats, by creating attack techniques and utilizing custom tooling to generate exploits.

Platform-Specific Deliverables:

  • Scenario Development: Design dynamic and scalable training scenarios tailored to the organization's needs, leveraging the capabilities of next-generation cyber range platforms like CYBER RANGES and others
  • Automation and Scripting: Develop scripts and automation tools to enhance the efficiency and scalability of cyber range operations
  • Integration with Existing Tools: Ensure seamless integration of the cyber range platform with existing security tools and infrastructure
  • Comprehensive Reporting and Analysis: Deliver detailed reports on the findings from red team exercises, including risk assessments, detailed debriefs, and actionable recommendations
  • Data Analysis: Use data collected from exercises to provide insights into potential security improvements and adjustments
  • Continuous Improvement: Stay updated with the latest developments in cybersecurity and continuously improve the cyber range platforms and training scenarios
  • Emerging Threat Awareness: Identify and incorporate emerging threats into the training scenarios to keep defences robust and current.

Certifications:

  • Certified Red Team Professional (CRTP) - Mandatory
  • CISA / CISM / CISSP / CEH / CRISC - Mandatory (at least one certification)
  • Offensive Security Certified Professional (OSCP) - Mandatory
  • Offensive Security Certified Expert (OSCE)
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • CompTIA Security+
