Consultant

Key Responsibilities:

• Plan, execute, and lead red team operations, including adversary emulation, threat simulations, and advanced penetration testing.
• Conduct full-scope assessments across network, application, endpoint, cloud, and physical security layers.
• Use tools, tactics, and procedures (TTPs) that mimic real-world adversaries (APT-style attacks).
• Identify security weaknesses, misconfigurations, and exploitable vulnerabilities across the enterprise.
• Collaborate with the blue team to provide insights and help mature detection and response capabilities.
• Prepare detailed reports, attack paths, and executive-level summaries of red team findings and recommendations.
• Develop custom scripts, tools, or exploits as needed during engagements.
• Stay current on the latest threats, exploits, and TTPs used by threat actors.

Required Skills & Qualifications:

• 5–8 years of relevant experience in red teaming, penetration testing, or offensive security.
• Strong knowledge of MITRE ATT&CK framework and adversary simulation methodologies.
• Proficient in tools such as Cobalt Strike, Metasploit, Empire, BloodHound, Mimikatz, Nmap, Burp Suite, etc.
• Solid understanding of network protocols, operating systems (Windows/Linux), and cloud environments (AWS, Azure, GCP).
• Strong scripting skills in Python, PowerShell, or Bash.
• Experience with EDR evasion, privilege escalation, lateral movement, and persistence techniques.
• Excellent analytical, documentation, and communication skills.

Preferred Certifications (any of the following):

• OSCP / OSCE / OSEP
• CRTO / CRTP / CRTE
• CISSP / CEH (Advanced)
• GIAC GPEN / GXPN / GCP