Red Team Lead (Senior Offensive Security Engineer)

Connect with Eutelsat Group

Be part of a new era in communications, transforming connectivity with Eutelsat Group – the world’s first GEO-LEO integrated global satellite operator.

As a global leader in satellite communications, we provide infinite connectivity, broadcasting television channels and packages, transmitting news reports, provide wholesale broadband Internet access services.

With Eutelsat Group You’ll Get To:

• Pioneer the future of Space Technology
• Bring connectivity to remote frontiers
• Collaborate with customer-centric experts
• Embrace cultural diversity in our global team

Where your skills ignite opportunities & you will elevate your skills in a stretching, rewarding, and meaningful environment. At Eutelsat Group, we’re united by inclusion and diversity, striving for gender balance and social responsibility, on Earth and in Space.

Who you are:

Working as a key member of the Eutelsat Group Chief Information Officer directorate, and reporting to the Director of Security Operations, you will be working closely with our Security Operations and Security Engineering teams, as well as a range of development and system teams across the organisation to test, review and improve the security of in-house and external products. The Red Team capability at Eutelsat Group supports our Secure by Design objective, which applies to all technologies across our Ground, Space, Commercial and Corporate segments. The Red Team Lead (Senior Offensive Security Engineer) will provide offensive and defensive security subject matter expertise to the business, technical and operational teams building the Eutelsat Group system, design and grow the Red Team function itself, and provide day-to-day input to security-relevant design and architectural decisions.

What you'll do:

•            Planning, spearheading, and executing sophisticated adversary simulation activities against Eutelsat Group to enable identification and mitigation of identified vulnerabilities.

•            Research, develop, and apply offensive tactics, techniques, and procedures (TTP’s) to effectively mimic the capabilities of relevant threat actors.

•            Provide subject matter expertise in offensive security for cyber defenders, remediation teams and enterprise technology teams.

•            Build, maintain, and continually improve technical infrastructure to support operations.

•            Excellent communication skills, both written and verbal.

•            Need to be a “Self-Starter” and someone who can work without the need for constant supervision or guidance but can recognise when advice should be sought and from whom, should their work efforts necessitate it.

•            Ability to prioritise workload and work well under pressure to meet firm deadlines and manage business expectations.

•            Excellent presentation skills with the ability to present complex ideas to technical and non-technical audiences. It is particularly important to be able to express security risks in business terms to a business skilled audience.

•            Strong negotiation skills to influence cost and risk-based decisions within either a business or technical audience.

•            Experience of business and technical information security concepts including risk management, defence in depth, and accreditation.

•            Ability to organise and coordinate technical team efforts in a logical and consistent way to support operational business objectives.

•            Must have a good understanding of security incident response and forensic level activities related to the architectures delivered.

What it takes

•            OSCP/OSCE(3)/GPEN/GPNX/CRTO/CRTL or equivalent are nice to have, but not necessary.

•            Some software development/review experience in some of the following languages; Java, Python, C++, C, Go.

•            Strong understanding of Windows internals, with some understanding of Linux internals.

•            Some understanding of RF theory and 4G/5G networks, and some common attacks against these systems, but not necessary to start.

•            Exposure to embedded security testing to support end-user devices, including Linux RTOS.

Where you'll be 

As part of the Security team, the position is open in Turin or London or Paris. The position is hybrid.

The Eutelsat Group treats the protection of personal data submitted to it seriously. By submitting this application, you agree to the collection and retention of your personal data by the Eutelsat group and acknowledge notice of, and understand the terms of Eutelsat’s Privacy Policy (as amended from time to time).

This role is a Eutelsat Group job opening; all of our open roles are posted on the current OneWeb and Eutelsat websites. Please note that when you are applying, your application may be seen by both teams.