Penetration Tester / Red Teaming - Security
penetration tester / security consultant / red teamer / home working
Penetration Testers with 1 yrs + Red Team testing experience is needed by our client a award-winning, global leader of cyber security services. Headquartered in Leamington Spa they are open to applications from throughout the UK as the role offers flexible hours / and home working so you can be based anywhere in the UK.
Every year, they deliver a large number of red teaming engagements for a variety of prestigious clients.
The typical delivery time frame is in the region of weeks to months. They start with a threat intelligence phase in order to ensure maximum realism and then move on to a multi scenario attack phase. Finally, they place great emphasis on detection and response. They see the blue team as their customer and so they go on site to conduct an incident response maturity assessment with them at the end of the engagement.
They are looking for the right individuals to engage in top tier red teaming, STAR & CBEST work.
The attributes possessed by successful candidates include:
- The ability to perform under pressure - we have to outfox and outrun the blue team!
- A willingness to occasionally work unsociable working hours - attackers don't just work 9-5 and sometimes we need to replicate that!
- Strong knowledge of the cyber kill chain and common tactics, techniques and procedures often employed by a variety of threat actors.
- A good understanding of how a typical blue team operates.
- You will be enthusiastic and able to work well within a high performing team as well as perform to a high standard autonomously.
- You need to be able to lead complex engagements and communicate externally at the highest levels.
- You will have an in depth understanding of risk.
- The ability to write and deliver high quality reports.
- A thirst for research and being at the cutting edge of the industry.
SKILLS AND EXPERIENCE
Of course, wider security abilities and experience are extremely important.
The following illustrate the type background they are looking for, although they are very pragmatic in their assessments:
- 1+ years of red team testing.
- 5+ years of infrastructure penetration testing.
- CREST CCSAS.
- Offensive Security (e.g. OSCP, OSCE), SANS and other recognized industry training and certification is appreciated but not required.
- SC or DV Cleared
- In depth knowledge and understanding of common C2 frameworks (e.g. Cobalt Strike, PoshC2, Empire).
- Ability to work with exploits and vulnerabilities.
- Exploit creation, skills with scripting, vulnerability analysis and reverse engineering.
- Experience working with and against many security products, ranging from perimeter security to endpoint protection tools.
- An in depth level of knowledge of Windows exploitation and Active Directory.
If this sounds of interest please forward your CV for immediate consideration.
This job was originally posted as www.totaljobs.com/job/77786266