NinjaJobs

View All Jobs

Red Team Operator

NinjaJobs - United States

Red Team Operator

Purpose of Role:

As a Red Team Operator - you will have a deep understanding of computer science and information security. You understand advanced concepts like exploit development and stealthy operations. This role will have access to a very diverse network at a company dedicated to providing care to patients across the globe.

Key Responsibilities:

  • Leverage real attacker emulation to simulate security incidents, observe response across monitoring and incidents, and identify enhancement opportunities

  • Develop after action reports to help justify this investment and use the results to hone the security posture for the overall organization

  • Execute Red Team engagements in a variety of networks using real-world adversarial Tactics, Techniques, and Procedures (TTPs) from conception to report delivery

  • Conduct open-source intelligence gathering, network vulnerability scanning, exploitation of vulnerable services, lateral movement, install persistence in a target network(s), and manage C2 infrastructure

  • Develop payloads, scripts, and tools that weaponize new proof-of-concepts for exploitation, evasion, and lateral movement

  • Document identified vulnerabilities and research corrective/remediation actions to recommend a risk mitigation technique(s)

  • Maintain knowledge of applicable Red Team policies, Standing Ground Rules, regulations, and compliance documents

  • Communicate effectively with team members and during an engagement

  • Keep current with TTPs and the latest offensive security techniques

Basic Qualifications:

  • 3+ years of experience as a red team operator

  • Experience with offensive tools and platforms such as Kali Linux, Cobalt Strike, Metasploit, Covenant, Sliver, Bloodhound, Ghostpack, Nmap, Nessus, Zmap, Massscan, EyeWitness, Burp Suite

  • Experience with writing high-quality assessment reports and communicating results to clients, teammates, and senior leadership

  • Knowledge of functionality and capabilities of network defense technologies, including firewalls, IDS and IPS, antivirus, and web content filtering

  • Experience building red team infrastructure and new approaches to testing a variety of environments

  • Ability to operate and lead organized security testing engagements without assistance

  • Market relevant certifications such as CREST/OSCP/OSCE/OSWP

Advanced and/or Qualifications:

  • 4+ years’ experience focused on Red Team operations

  • Familiarity with various programming languages such as Python, Ruby, and Rails are a plus

  • Experience in web programming (Java, ASP, ASP.NET, HTML, JavaScript)

  • Experience with cloud-based environments (GCP, Azure, AWS, etc.)

  • Demonstrated rapid tool development & automation experience

  • Regular Expressions (RegEx)

  • Knowledge of SQL Server, SQL Client Tools, and T-SQL Stored Procedures

  • Understanding of Web Application Firewalls

  • Reverse engineering



Posted On: Wednesday, May 29, 2024
Compensation: $150,000 - $180,000



Apply to this job

or
Powered by Crelate