Minimum of 2 years of professional experience in Red Team exercises.
Certifications such as OSCP, CRTO, CRTP, or other penetration testing certifications are advantageous. Alternatively, more than 3 years of focused experience in penetration testing is acceptable.
Proficiency in multiple programming and scripting languages, including C/C++, Rust, Go, Dart, Nim, PowerShell, Python, and Bash.
Advanced knowledge of networking concepts, including routing, switching, and Transport Layer protocols (TCP/IP suite).
Familiarity with common application layer protocols such as HTTP/S, DNS, Kerberos, and LDAP.
Experience with Active Directory and related authentication/authorization technologies.
Capable of evaluating environments, applications, systems, or processes to identify weaknesses and develop actionable real-world attack strategies.
Responsibilities:
Continuously share knowledge and experience with junior team members.
Stay updated on new and emerging technologies, and develop tools and methodologies to assess their security.
Develop internal implants and artefacts for delivering payloads.
Test and research techniques in our threat-hunting lab.
Act as the technical lead for penetration testing projects.
Participate in penetration testing and red teaming projects.
Create testing plans for complex environments and actively participate in testing them.
Perform red team operational tasks, including but not limited to:
Toolset development
Development of custom implants and C2 framework
Red Teaming infrastructure development and implementation
Develop and maintain red teaming methodology
Purple Teaming
Design and planning of social engineering campaigns (e.g., Phishing)
Infrastructure-level penetration testing
Write and review reports/presentations about testing results and present and explain them to clients at a deep technical level.