Junior Cyber Security Specialist

CYE is looking for a Junior Cyber Security Specialist with a deep interest and basic knowledge of both information security and computer science. CYE is a cybersecurity firm specializing in advanced adversary simulation and offensive security testing. We deliver Red Team assessments for Fortune 500 companies, simulating sophisticated, real-world attacks across external, internal, cloud and Active Directory environments. Our services span both stealth-based Red Team operations and risk-focused assessments, covering a wide range of attack surfaces including on-premise and cloud environments.

Responsibilities

• Participate in Red Team and Risk assessments under the guidance of senior team members
• Assist in documenting findings, writing technical reports, and contributing to final deliverables for clients
• Learn and simulate attacker tactics, techniques, and procedures (TTPs)
• Support Risk Assessments, where the objective is to identify vulnerabilities, especially in Active Directory, without the requirement for stealth. These engagements provide deep insight into systemic weaknesses and offer high exposure to internal infrastructure.
• Contribute to external assessments, such as, perimeter testing, and reconnaissance
• Participate in CYE's internal, hands-on training program, which covers red team TTPs, tool usage, internal methodologies, and real-world scenarios

Requirements

• Strong interest in offensive security and Red Team methodologies
• Foundational understanding of Active Directory architecture, domain trust, Kerberos, GPOs, and domain privilege structures
• Familiarity with network protocols such as SMB, LDAP, DNS, and HTTP
• Knowledge of common attack techniques such as enumeration, privilege escalation, exploitation, credential dumping and C2 operations
• Ability to write or assist in technical documentation and reporting in English
• Comfortable working in a collaborative environment and eager to learn from experienced team members
• Experience with security tools such as – Nmap, Metasploit, Kali Linux, Burp Suite Pro, etc., as well as other various commercial and self-developed testing tools
• Comfortable with basic scripting and using CLI tools

Advantages

• Personal projects, CTF participation, or lab-based experience in offensive security
• Exposure to cloud environments (Azure, AWS, GCP)
• Programming/scripting experience in Python, PowerShell, C++, C#, etc
• Hands-on experience with C2 frameworks (e.g., Cobalt Strike, Mythic, Sliver)
• High level of spoken and written English, including the ability to clearly explain technical topics to both technical and non-technical audiences

About us:CYE’s exposure management platform, Hyver, transforms the way security teams protect their organizations. With CRQ at its core, Hyver reveals exposure in financial terms, visualizes attack routes to critical business assets, and creates tailored mitigation plans. Founded in 2012, CYE has served hundreds of organizations globally.