Location: Work from Home (Remote)
Shift: US Time Zone
Job Description:
- Deploy the red team infrastructure as required and dispose of it afterwards.
- Develop custom implants to evade EDR and SIEM tools.
- Design and execute realistic attack simulations to test the effectiveness of security controls and incident response processes.
- Conduct operations across the full cyber kill chain, including reconnaissance, exploitation, lateral movement, privilege escalation, and persistence.
- Develop and deploy custom scripts, tools, and payloads to mimic advanced threat actors.
- Identify and exploit vulnerabilities in systems, networks, and applications to achieve defined objectives.
- Collaborate with the Blue Team to improve threat detection, monitoring, and alerting capabilities.
- Perform covert operations, including phishing campaigns and social engineering.
- Prepare detailed reports outlining findings, methods used, and recommendations for remediation.
- Stay updated on emerging threats, vulnerabilities, and tactics used by advanced threat actors.
- Contribute to the development of Red Team processes, playbooks, and methodologies.
- Strong knowledge of adversary tactics, techniques, and procedures (TTPs), including the MITRE ATT&CK framework.
- Proficiency with offensive tools such as Cobalt Strike, Sliver, BloodHound, Empire, Mimikatz, and custom exploit frameworks.
- Deep understanding of network protocols, operating systems (Windows, Linux, macOS), ADCS, and Active Directory environments.
- Strong scripting or programming skills in languages like Python, PowerShell, Bash, Rust, or C/C++.
- Excellent analytical, problem-solving, and documentation skills.
- Ability to work in a fast-paced, collaborative environment and adapt to evolving threats.