Senior Red Team Operator (Senior Manager)

14th month guaranteed
Performance bonus
Comprehensive benefits
Permanent, direct-hire by the client
Taguig, 4 days onsite per month
Day shift, Monday to Friday

 

Client
The hiring company is a leading international financial services group with global headquarters in Toronto and operate across offices in Canada, Asia, and Europe.

 

Role Context

• Plan, carry out, and report on Red Team engagements, attack simulations and adversary emulations to identify vulnerabilities in critical information systems
• Perform network penetration, web and mobile application testing, source code reviews, threat analysis, and social-engineering assessments
• Develop scripts, tools, and programs for Red Team operations
• Manage, maintain, and improve a state-of-the-art command-and-control (C2) red team cloud environment (AWS, Azure, DigitalOcean)
• Assist with and develop security control evasion and bypass capabilities
• Work with other parts of the business to develop a method for testing detective capability through Red Team exercises (e.g., purple teaming, assumed breaches etc.)
• Research latest threats and follow guidelines on Red Team Frameworks (MITRE)
• Assist in the production of weekly/ monthly reports on security vulnerability trending and direction

 

Ideal Candidates

• University degree in computer science or computer engineering
• Should have strong experience in Programming, Shell scripting and automation of tasks using C#, JavaScript, ASP.NET, Perl, Python, Ruby, PowerShell, bash, etc.
• A general understanding of information security concepts and security trends and practices
• Problem solving with creative solutions
• Maintain high technical knowledge of systems and solutions
• Industry certifications (OSCP/SANS/CEH/CISSP) are a strong asset
• Understand operation systems (OS), network protocols, application configuration with excellent report-writing skills
• Strong communication and presentation skills

 

Preferred Knowledge or Qualifications

• Prior experience in a technical security internship
• Network, Application or Mobile Penetration testing experience.
• Experience with CTF (Capture the flags) and/or security training platforms such as Hack the Box, TryHackMe, VulnHub.
• Related projects in cybersecurity, programming, etc.
• OSINT (Open-source intelligence gathering)
• Social engineering techniques and tactics
• Defense in depth security concepts including MITRE framework
• Cloud Environments (AWS, Azure, Digital Ocean)
• Interpreted languages (Ruby, Python, PHP, etc.)
• Compiled languages (Java, C, C++, Assembly, etc.)
• Windows/Linux/UNIX/OSX internals

 

 

 

Our Recruitment Approach
Put forward your interest when endorsing to a hiring-company
Provide you information that is not easily obtainable online
Work closely with you and give you real feedback not a generic message

Please feel free to reach out via recruitment@jrrs.site