Are you a senior infosec professional with a keen interest and solid track record on red teaming type of security activities? Ready to take on a hands on leadership role, bringing your technical capabilities, mindset and experience in aiding to build and deliver solid red team related services and improve internal capabilities around those, impacting global organizations and critical infrastructures.

Reach out to further discuss this opportunity in a technology environment that will give you the chance to use your all around hacking skills!

Role Overview:

Leading the red team activities, improving the team’s capabilities, interacting with organizations and advising on their security programs, maturity and outcomes of the red team services as well as coaching and leading the red team members on their assignments, development and growth; are all part of a role.

With a goal to further mature the red teaming capabilities (types of services, way of delivery, automation and customization required per environment etc), you’ll keep on top of the constant changing knowledge of threat actors’ tactics, techniques and procedures to bring realistic and meaningful solutions to clients. Working with IT security teams, blue teams and other IT stakeholders of the organization to help them utilize your findings and outcomes of your offensive activities to better defend and mature their security stance.

The role gives the ability to be involved in all sorts of different projects, with different complexity, scale and different technologies, wired and wireless, network and applications (web, mobile, enterprise) testing, embedded, ICS / SCADA environments etc. both local and international.

More information and details on the role, requirements and the environment / organization available – reach out for a first conversation!

Requirements:

  • Hands on mentality, with experience in red teaming and ethical hacking –  from technical skills to soft skills
  • Red team experience and  mindset: creating red team attack scenarios, weakest entry point, creative approach, multiple methods testing, stealthy approach, pivoting, social engineering, phishing and physical security and anything involving the human element.
  • Experience with various technologies and comfortable to picking up more (OS / tools / development languages / online technologies etc.)
  • Ability to stay on top of the fast changing mindset of red teaming TTPs and tools that go with it to offer successful red team services.
  • Leadership and team work mentality, as you’ll work closely with colleagues on projects, mentor and help them develop.
  • Understand the defensive side, blue team, Security Operations Center (SOC), and security monitoring and response (SIEM, IDS/IPS etc), as well as EDR (e.g. for bypasses), overall monitoring, detection and indicators of compromise, and creating effective red team activities to test these (e.g. developing / using malware, pivoting, escalating privileges, staying stealthy etc).
  • Good communication skills and ability to working with all stakeholders, internal and external, finding, advising and implementing the best solutions.
  • Curiosity, problem solving mentality.

Relevant terms:

Red Teaming, Red Team, Phishing, Social Engineering, AppSec, Infosec, Penetration Testing, Pentest, TTPs, Threat Analysis, Threat Modeling, EDR, SOC, SIEM, IDS/IPS Forensic Investigation, DFIR, Networks/ Systems/ Applications, IOCs, Malware Development,  IOAs,  Reconnaissance, Weaponization, Delivery, Exploitation, Command & Control, C2, Lateral Movement, Ethical Hacking, Malware Analysis, Web Application Security, Burp, Nessus, Nmap, Ncat, Mobile Security, Device Testing, Scripting, Linux, Windows, OSX, Network Security, OSCP, OSCE, GPEN, GXPN, GMON

Base Cyber Security helps organizations build knowledge and capabilities in information security. Supporting organizations putting together strong infosec teams or finding the right cyber security experts for their needs is a big part of that.

We work with security professionals globally for information and cyber security roles and projects across all industries in Europe. Whether you are starting your career in information security, need advice for your next step, deciding on how to build knowledge or choose a growth area in security to continue with, let’s have a conversation!

If you have not yet registered with the Base Cyber Security network, be sure to do so! Send us your details at [email protected] & follow us on Twitter @BaseCyberSec to stay up to date with our activities and relevant info.

By registering to the security community and / or showing interest in a specific role, project or team, you agree with sharing your personal information with Base Cyber Security, which will in turn collect, use and process this in an ethical, private and compliant (including under the GDPR where applicable) manner.

To apply for this job email your details to professionals@basecybersecurity.com