This job has expired

Head of Red Team

Employer
Experian
Location
UK
Salary
Competitive
Closing date
15 Sep 2021

View more

Sector
Technology & New Media
Contract Type
Permanent
You need to sign in or create an account to save a job.

Job Details

Company DescriptionThe Red Team Manager is tasked with providing leadership and support to Experian's internal team of highly skilled and qualified Red Team members. Experian's Red Team conduct advanced adversary emulation operations to challenge assumptions and emulate cyber and criminal threat actors targeting or attacking the business. The successful candidate will have verifiable experience in leading advanced exploitation operations against a large global enterprise, through leading Red and Purple Team operations. Additionally, candidates must demonstrate proven experience of in-depth analysis of technology and business controls culminating in the identification of existing and potential risks.

ResponsibilitiesJob DescriptionThe scope of this position is broad, and the successful candidate will:
  • Contribute hands-on technical leadership to the Red Team, including participation in development and execution of red team operations
  • Determine priorities and maximize the effectiveness of the Red Team through the efficient use of resources
  • Formulate red teaming strategies aligned to business objectives and adjust red team priorities to maintain a strategic focus
  • Form meaningful relationships with relevant stakeholders across the enterprise to build and maintain a comprehensive model of applicable, feasible threats and risks to the business
  • Develop and maintain a strategic plan based on operational lessons learned and Threat Intelligence inputs
  • Develop metrics and detailed reporting for communication to senior executives
  • Document and formally present findings within a context relative to the overall risk posture of the enterprise and with remediation recommendations
  • Maintain operating procedures to ensure they remain effective and aligned to the organisation's technology environment
  • Develop the Red Team through coaching, mentoring and formal business and technical training
QualificationsTo be successful in this role, candidates must have:
  • Industry certifications such as OSCP, OSCE, OSWE, GPEN, GWAPT, GXPN, and/or CISSP are desirable
  • Comprehensive, recent experience in adversary emulation and simulation
  • Demonstrable experience of leading and managing Red / Purple team operations in a global enterprise
  • Detailed knowledge of global cyber threats, threat actors and the tactics, techniques and procedures used by cyber adversaries
  • A broad understanding of the threats faced by the financial sector
  • Experience leveraging the MITRE ATT&CK™ framework or other relevant frameworks
  • Demonstrable experience of mapping attack surfaces
  • Excellent written and verbal communication skills, with the ability to translate technical outputs into non-technical language
People Skills
  • Strong people leadership and communication skills
  • The ability to coordinate, work with and gain the trust of business stakeholders to achieve a desired objective
  • Able to articulate and visually present complex technical findings and analysis results
  • Able to work under pressure in time critical situations
  • Experience of working in or managing a geographically dispersed team in multiple time zones
Process Skills
  • Conduct continuous process improvement to advance and refine team operating model and overall capability
  • Perform quality assurance and trend analysis against Red Team products and deliverables
  • Strong attention to detail in conducting analysis and providing thorough documentation in support of their work
  • Detailed knowledge of current international best practices in privacy and information security
You need to sign in or create an account to save a job.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert