Cyber Security Red Team Manager - Pen Testing & App Security
- Fantastic opportunity to help develop a world class Cyber Security function
- Must have experience managing Red Team operations to the highest standard
About Our Client
This is a very well established, hugely successful international financial institution with a leading presence in the region. With aspirations of being the safest financial institution of their kind in the world, constant efforts and resources are being driven into the ongoing development and evolution of the security technology and processes.
- Respond to emerging threats such as APT and other forms of targeted attacks, organised crime, etc.
- Plan, lead and conduct attacks on internally or externally hosted applications and infrastructure on a global scale with an emphasis on critical functions targeted by adversaries.
- Communicate areas for improvement to the senior leadership team to improve the overall effectiveness of attack emulation activities.
- Design and develop scripts, frameworks, tools and the methods required for facilitating and executing complex attacks and emulating adversarial TTPs.
- Malware analysis and malware reverse engineering to extract indicators of compromise to be used to support testing and hunting activities.
- Bespoke development of malware/rootkits and customisation of existing malware to emulate adversarial capabilities.
- Assemble and coordinate with the Intrusions and other teams to resolve security incidents as quickly and efficiently as possible.
- Communicate status of missions and hunting activities to senior leadership.
- Ensure effective knowledge management of findings and review results of any attack campaign in order to determine severity of findings and identify potential remediation or mitigation strategies.
- In-depth research of the latest adversarial TTPs and technologies to remain at the bleeding edge.
- Mentor and train more junior staff in attack techniques, tool/exploit development, intelligence analysis and adversarial tactics.
- Work closely with Blue Team members to help improve the team's abilities in Detection, Prevention and Response capabilities.
The Successful Applicant
- Master's Degree in Cyber Security, Computer Science, Technology related fields and/or equivalent industry experience
- Overall 10 years of Information Security experience with two of the following:
  - At least 5 years' experience performing network penetration testing
  - At least 5 years' experience performing application security assessments
  - At least 5 years' experience with Cyber Red Team operations
  - At least 5 years' experience performing and leading network exploitation operations
- Demonstrated experience leading and managing cyber operations and personnel.
- Advanced knowledge of networking fundamentals (all OSI layers)
- Advanced knowledge of the Windows and *NIX operating systems, including the boot process and a thorough understanding of the execution flow of boot-time processes
- Strong knowledge of software exploitation (web, client-server and mobile) on modern operating systems
- Strong understanding of Red Team and Penetration testing methodologies and tools
- Familiarity with interpreting log output from networking devices, operating systems and infrastructure services
- Must be able to manage new and existing cyber security requirements, ensure personnel are fully trained and certified via internal standards, and implement control and risk procedures to ensure all Red Team operations are conducted in strict accordance with Cyber Security standards and directives.
- OSCP, OSCE, OSWP, GPEN, GWAPT, GMOB, GAWN, GXPN, GCIH, CPT
- 2+ years of experience with threat modeling concepts and frameworks (STRIDE, DREAD, FAIR, etc.)
What's on Offer
A key role in this very well-recognised organisation will pay an attractive salary with fantastic benefits and the opportunity to play a key role in building a world class security function.