CYBER - Red Team

Red Team:

A red team serves cyber-attack simulation as an attacker in real time, using the same techniques as an attacker may use to evade the detection.Test the security control/ data centre defences and validates the effectiveness of internal security team. This test not just identifies the security vulnerabilities but finds the possible way that may use by attacker to compromise the overall security.

Responsibility

Conduct real time cyber-attack simulations as part of the RED teamactivity.

Perform Cover, overt and specialised Red Team assessment.

Perform manual testing of web applications.

Modify or write an exploit/ payload to bypass the security solutions.

Ensure timely delivery of status updates and final reports to clients.

Manage the Projects independently or in minimal supervision.

Mentor and manage a team.

Keep oneself updated on the latest IT Security news, exploits, hacks.

Prepare Threat Intelligence reports for newly discovered threat

agents, exploits, attacks.

Conduct vulnerability Assessment and Penetration Testing for web

applications, Network, Web/ NW API, mobile applications, thick-

client applications, Wireless and handhold devices.

Conduct a security configuration review for web, mobile and thick

client applications.

Conduct configuration reviews for network devices including server

OS, DB, Firewall, routers, Switches and other security

devices/components.

Conduct source-code review using automated and manual approach.

Conduct threat base / incident base investigation to identify the rootcause.

Analyse data, such as logs or packets captures, from various

sources within the corporate / enterprise and prepare conclusions

regarding past and future security incidents.

Conduct red team assessment using latest techniques.

Work with implementation/ product partner and manage the project/timelines.

Prepare and present the assessment / audit reports to management and client.

Ensure timely delivery of status updates and final reports to clients.

Ensure high quality service delivery for security compliance.

Requirement /Skills:

Minimum Bachelor degree in Computer Science / IT

3 to 7 years hands-on working experience in Red Team operations

and/or in web, network Penetration Testing in an enterprise, military

or law enforcement environment. (required)

In-depth security knowledge on one of the following: Active

Directory, Critical Infrastructure, or Cloud Infrastructure.

Hands-on experience with well-known Red Team tools like Cobalt

Strike, Metasploit, Bloodhound, Mythic etc. (required)

Proficiency with at least one scripting language (e.g. Python, Bash,

PowerShell). (required)

At least one of the following certifications or a similar one will be a plus:

Security Certifications (Any One): OSCP, OSCE, OSED.

CRTP (Certified Red Team Professional) SANS GDAT, GXPN,GPEN

Excellent communicator and technical writing skills, able to engage

and effectively respond to diverse stakeholders.

Experience carrying out social-engineering assessments

Skilled in crafting bypass script for AV/EDR

Interested candidate can share resume on

Location : Andheri