Red Team Operator (Jr. Engineer level)
Ampcus, Inc
United States, Virginia, Reston
Nov 09, 2024
JOB DESCRIPTION
Job: Red Team Operator (Junior Engineer level)
Mode: Contract / 100% Remote (working EST)
Process: Remote
Interview Protocol: .5 w/manager followed by a team panel

Technology

Rating scale:
* NO Awareness of technology (0)
* LITTLE Awareness - read/heard of technology (1)
* EXPOSURE to technology in environment (2)
* SOME development in technology (3)
* Very COMFORTABLE developing in technology (4)
* EXPERTISE in technology i.e. could teach a class (5)

Technologies:
* Outflank - Stage1 x
* Cobalt Strike x
* Burpsuite Pro x
* Python x
* Azure Active Directory x
* Amazon Web Services x
* Project Discovery Nuclei x
* Electron Framework x

In this role, you will:
* Conduct Offensive Cyber Security Operations: Execute covert operations to assess the organization's security posture and readiness against cyber threats.
* Perform Penetration Testing: Conduct comprehensive assessments of the Digital Exam Player, web applications, and other systems using both manual and automated testing techniques.
* Engage in Purple Teaming: Facilitate collaborative exercises with internal Incident Response and Threat Hunt teams to enhance the organization's defensive capabilities.
* Execute Multi-stage Attack Simulation: Coordinate with Red Team members to simulate attacks, including initial access, privilege escalation, lateral movement, and data exfiltration.
* Create Threat Mimicry: Mimic adversary tactics, techniques, and procedures (TTPs) to assess defensive capabilities and identify weaknesses.
* Conduct Security Control Evaluation: Evaluate the detection and response capabilities of security controls, such as SIEM, EDR, and network monitoring solutions.
* Investigate C2 Techniques: Research and integrate new C2 techniques and tools to evade detection and enhance operational capabilities. Monitor and analyze C2 traffic for anomalies and indicators of compromise (IOCs).
* Provide Technical Guidance: Provide technical expertise and guidance to the vulnerability management team on building custom scanning signatures and techniques. Also, guide threat hunters on adversary behaviors, attack techniques, and IOCs.
* Contribute to Culture Building: Foster a culture of collaboration and continuous learning within all Cyber Operations teams.
* Stay abreast of emerging threats and vulnerabilities affecting web applications or endpoints and incorporate them into assessment methodologies.

About you, you have:
* A bachelor's in computer science or equivalent work experience
* 5 years in IT, with at least 1 year in offensive security
* Experience in Red/Purple team exercises and penetration testing
* Proficiency in C2 frameworks (e.g., Cobalt Strike)
* Certifications like CEH, OSCP, GWAPT, Sec+, or GIAC preferred
* Familiarity with open-source/commercial offensive security tools, and cloud-based attacker infrastructure deployment
* Strong understanding of web application CWEs, OWASP Top 10, Threat Intelligence, and Threat Profiling
* Experience with IDS/IPS, SIEM, network defense tools, DLP technologies, network security architecture, and enterprise anti-virus/malware solutions
* Proficiency with Burp Suite and testing Web Applications and APIs
* Familiarity/experience with Electron framework preferred
* Ability to maintain discretion and integrity at all times
* Ability to work in the US without sponsorship