A
Red Team Operator (Jr. Engineer level)
Salary undisclosed
Apply on
Original
Simplified
JOB DESCRIPTION
Job : Red Team Operator (Junior Engineer level)
Mode : Contract / 100% Remote (working EST)
Process : Remote Interview Protocol - .5 w/manager followed by a team panel
Technology NO Awareness of technology (0) LITTLE Awareness - read/heard of technology (1) EXPOSURE to technology in environment (2) SOME development in technology (3) Very COMFORTABLE developing in technology (4) EXPERTISE in technology i.e. could teach a class (5)
Outflank - Stage1 x
Cobalt Strike x
Burpsuite Pro x
Python x
Azure Active Directory x
Amazon Web Services x
Project Discovery Nuclei x
Electron Framework x
In this role, you will:
Conduct Offensive Cyber Security Operations: Execute covert operations to assess the organization's security posture and readiness against cyber threats.
Perform Penetration Testing: Conduct comprehensive assessments of the Digital Exam Player, web applications, and other systems using both manual and automated testing techniques.
Engage in Purple Teaming: Facilitate collaborative exercises with internal Incident Response and Threat Hunt teams to enhance the organization's defensive capabilities.
Execute Multi-stage Attack Simulation: Coordinate with Red Team members to simulate attacks, including initial access, privilege escalation, lateral movement, and data exfiltration.
Create Threat Mimicry: Mimic adversary tactics, techniques, and procedures (TTPs) to assess defensive capabilities and identify weaknesses.
Conduct Security Control Evaluation: Evaluate the detection and response capabilities of security controls, such as SIEM, EDR, and network monitoring solutions.
Investigate C2 Techniques: Research and integrate new C2 techniques and tools to evade detection and enhance operational capabilities. Monitor and analyze C2 traffic for anomalies and indicators of compromise (IOCs).
Provide Technical Guidance: Provide technical expertise and guidance to the vulnerability management team on building custom scanning signatures and techniques. Also, guide threat hunters on adversary behaviors, attack techniques, and IOCs.
Contribute to Culture Building: Foster a culture of collaboration and continuous learning within all Cyber Operations teams.
Stay abreast of emerging threats and vulnerabilities affecting web applications or endpoints and incorporate them into assessment methodologies.
About you, you have:
A bachelor's in computer science or equivalent work experience
5 years in IT, with at least 1 year in offensive security
Experience in Red/Purple team exercises and penetration testing
Proficiency in C2 frameworks (e.g., Cobalt Strike)
Certifications like CEH, OSCP, GWAPT, Sec+, or GIAC preferred
Familiarity with open-source/commercial offensive security tools, and cloud-based attacker infrastructure deployment.
Strong understanding of web application CWEs, OWASP Top 10, Threat Intelligence, and Threat Profiling
Experience with IDS/IPS, SIEM, network defense tools, DLP technologies, network security architecture, and enterprise anti-virmalware solutions
Proficiency with Burp Suite and testing Web Applications and API's.
Familiarity/experience with Electron framework preferred
Ability to maintain discretion and integrity at all times
Ability to work in the US without sponsorship
Job : Red Team Operator (Junior Engineer level)
Mode : Contract / 100% Remote (working EST)
Process : Remote Interview Protocol - .5 w/manager followed by a team panel
Technology NO Awareness of technology (0) LITTLE Awareness - read/heard of technology (1) EXPOSURE to technology in environment (2) SOME development in technology (3) Very COMFORTABLE developing in technology (4) EXPERTISE in technology i.e. could teach a class (5)
Outflank - Stage1 x
Cobalt Strike x
Burpsuite Pro x
Python x
Azure Active Directory x
Amazon Web Services x
Project Discovery Nuclei x
Electron Framework x
In this role, you will:
Conduct Offensive Cyber Security Operations: Execute covert operations to assess the organization's security posture and readiness against cyber threats.
Perform Penetration Testing: Conduct comprehensive assessments of the Digital Exam Player, web applications, and other systems using both manual and automated testing techniques.
Engage in Purple Teaming: Facilitate collaborative exercises with internal Incident Response and Threat Hunt teams to enhance the organization's defensive capabilities.
Execute Multi-stage Attack Simulation: Coordinate with Red Team members to simulate attacks, including initial access, privilege escalation, lateral movement, and data exfiltration.
Create Threat Mimicry: Mimic adversary tactics, techniques, and procedures (TTPs) to assess defensive capabilities and identify weaknesses.
Conduct Security Control Evaluation: Evaluate the detection and response capabilities of security controls, such as SIEM, EDR, and network monitoring solutions.
Investigate C2 Techniques: Research and integrate new C2 techniques and tools to evade detection and enhance operational capabilities. Monitor and analyze C2 traffic for anomalies and indicators of compromise (IOCs).
Provide Technical Guidance: Provide technical expertise and guidance to the vulnerability management team on building custom scanning signatures and techniques. Also, guide threat hunters on adversary behaviors, attack techniques, and IOCs.
Contribute to Culture Building: Foster a culture of collaboration and continuous learning within all Cyber Operations teams.
Stay abreast of emerging threats and vulnerabilities affecting web applications or endpoints and incorporate them into assessment methodologies.
About you, you have:
A bachelor's in computer science or equivalent work experience
5 years in IT, with at least 1 year in offensive security
Experience in Red/Purple team exercises and penetration testing
Proficiency in C2 frameworks (e.g., Cobalt Strike)
Certifications like CEH, OSCP, GWAPT, Sec+, or GIAC preferred
Familiarity with open-source/commercial offensive security tools, and cloud-based attacker infrastructure deployment.
Strong understanding of web application CWEs, OWASP Top 10, Threat Intelligence, and Threat Profiling
Experience with IDS/IPS, SIEM, network defense tools, DLP technologies, network security architecture, and enterprise anti-virmalware solutions
Proficiency with Burp Suite and testing Web Applications and API's.
Familiarity/experience with Electron framework preferred
Ability to maintain discretion and integrity at all times
Ability to work in the US without sponsorship
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job Similar Jobs
