Lead - Offensive Security

Kuala Lumpur, Malaysia


Roles & Responsibilities:

  • Leading the offensive security teams including Red Teaming, Penetration Testing etc., improving the teams' capabilities, interacting with organizations, and advising on their security programs, maturity, and outcomes of the red team services as well as coaching and leading the team members on their assignments, development and growth, etc.
  • You should aim to further mature the red teaming capabilities (types of services, way of delivery, automation and customization required per environment, etc.). You'll keep on top of the constantly changing knowledge of threat actors' tactics, techniques, and procedures to bring realistic and meaningful solutions to clients.
  • Working with cyber security teams, blue teams, and other technology stakeholders of the organization to help them utilize your findings and outcomes of your offensive activities to better defend and mature their security stance.
  • The role gives the ability to be involved in all sorts of different projects, with different complexity, scale, and different technologies, wired and wireless, network and applications (web, mobile, enterprise) testing, embedded, OT/ICS/SCADA environments etc. both local and international.

Requirements:

  • Hands-on mentality, with experience in red teaming and ethical hacking from technical skills to soft skills.
  • Red team experience and mindset: creating red team attack scenarios, weakest entry point, creative approach, multiple methods testing, stealthy approach, pivoting, social engineering, phishing and physical security and anything involving the human element.
  • Experience with various technologies and comfortable picking up more (OS / tools / development languages / online technologies etc.).
  • Ability to stay on top of the fast-changing mindset of red teaming TTPs and tools that go with it to offer successful red team services.
  • Leadership and teamwork mentality, as you'll work closely with colleagues on projects, mentor and help them develop.
  • Understand the defensive side, blue team, Security Operations Center (SOC), and security monitoring and response (SIEM, IDS/IPS etc), as well as EDR (e.g. for bypasses), overall monitoring, detection and indicators of compromise, and creating effective red team activities to test these (e.g. developing / using malware, pivoting, escalating privileges, staying stealthy etc).
  • Good communication skills and ability to work with all stakeholders, internal and external, finding, advising, and implementing the best solutions.
  • Curiosity, problem solving mentality.
  • Good to have certifications - OSCP, OSCE, SANS, GWAPT.

Category: Leadership Jobs

Tags: Automation, Blue team, EDR, Ethical hacking, GWAPT, ICS, IDS, IPS, Malware, Monitoring, Offensive security, OSCE, OSCP, Pentesting, Red team, SANS, SCADA, SIEM, SOC, TTPs

Region: Asia/Pacific
Country: Malaysia
