Red Team Operator

Purpose of Role:
As a Red Team Operator, you will have a deep understanding of computer science and information security. You understand advanced concepts like exploit development and stealthy operations. This role will have access to a very diverse network at a company dedicated to providing care to patients across the globe.

Key Responsibilities:
Leverage real attacker emulation to simulate security incidents, observe response across monitoring and incidents, and identify enhancement opportunities
Develop after-action reports to help justify this investment and use the results to hone the security posture for the overall organization
Execute Red Team engagements in a variety of networks using real-world adversarial Tactics, Techniques, and Procedures (TTPs) from conception to report delivery
Conduct open-source intelligence gathering, network vulnerability scanning, exploitation of vulnerable services, lateral movement, install persistence in a target network(s), and manage C2 infrastructure
Develop payloads, scripts, and tools that weaponize new proof-of-concepts for exploitation, evasion, and lateral movement
Document identified vulnerabilities and research corrective/remediation actions to recommend a risk mitigation technique(s)
Maintain knowledge of applicable Red Team policies, Standing Ground Rules, regulations, and compliance documents
Communicate effectively with team members and during an engagement
Keep current with TTPs and the latest offensive security techniques

Basic Qualifications:
3+ years of experience as a red team operator
Experience with offensive tools and platforms such as Kali Linux, Cobalt Strike, Metasploit, Covenant, Sliver, Bloodhound, Ghostpack, Nmap, Nessus, Zmap, Masscan, EyeWitness, Burp Suite
Experience with writing high-quality assessment reports and communicating results to clients, teammates, and senior leadership
Knowledge of functionality and capabilities of network defense technologies, including firewalls, IDS and IPS, antivirus, and web content filtering
Experience building red team infrastructure and new approaches to testing a variety of environments
Ability to operate and lead organized security testing engagements without assistance
Market-relevant certifications such as CREST/OSCP/OSCE/OSWP

Advanced and/or Qualifications:
4+ years' experience focused on Red Team operations
Familiarity with various programming languages such as Python, Ruby, and Rails is a plus
Experience in web programming (Java, ASP, ASP.NET, HTML, JavaScript)
Experience with cloud-based environments (GCP, Azure, AWS, etc.)
Demonstrated rapid tool development & automation experience
Regular Expressions (RegEx)
Knowledge of SQL Server, SQL Client Tools, and T-SQL Stored Procedures
Understanding of Web Application Firewalls
Reverse engineering

Posted On: Wednesday, May 29, 2024
Compensation: $150,000 - $180,000