Red Team Consultant
GBR Cheltenham Jessop House
NCC Group
Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.
We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.
The Opportunity:
Role: Red Team Consultant
Location: England/Hybrid with travel to client sites
You will be involved in each aspect of the attack chain from social engineering and initial access, evading best-in-class EDR products, through lateral movement.
Operational security and safety of target environments is of paramount importance; you must rely on your extensive experience of managing operational risk and communicating with client stakeholders to mitigate risks for all Red Team activity.
You will be well leading in capability development and the creation of tools to automate activity or exploit weaknesses identified in the environment.
Last but not least, you will use your high-standard of written English for reports and presentations, as well as briefing both technical and C-Level audiences on their activities and findings.
Your key accountabilities:
- Simulate Adversarial Attacks: Design, plan, and execute realistic cyber-attack scenarios to identify vulnerabilities and weaknesses within our target organization's infrastructure, applications, and processes. We operate against high-maturity clients across a number of internationally recognised regulatory frameworks.
- Report and Advise: Clearly convey findings, vulnerabilities, and potential risks to stakeholders, offering actionable technical recommendations, procedural and defensive improvements. The ability to write attack narratives to enable non-technical readers to understand the actions performed.
- Engage and Collaborate: Ability to work as part of a team on large engagements and individually for smaller ones. Forging strong relationships with colleagues, client contacts and C-Level teams, security departments, and other stakeholders to drive maximum value.
- Continuous Learning: Keep abreast of the latest adversarial techniques, tools, and trends in Red Teaming and more general global cybersecurity. Sharing knowledge from successful techniques as well as evaluating and introducing new methodologies where appropriate.
- Mentoring and Training: Act as a resource for junior team members and other departments, imparting knowledge on current threat vectors and best practices for defence.
You’ll stand out if you have
- Demonstrable experience in advanced red teaming.
- Demonstrable experience in regulatory schemes globally (CBEST/TIBER/CORIE/AASE/iCAST/FEER).
- Comprehensive understanding the majority of the following domains:
- Cloud platforms and their security mechanisms
- Microsoft Active Directory
- Office 365 Security
- EDR/EPP Bypasses
- Email Gateways and Filters
- Web Gateways and Proxies
- MacOS Client Environments
- Proactive attitude, team-oriented, and adept at problem-solving.
- Familiarity with the UK's cybersecurity regulations, standards, and best practices.
- CREST CCT-INF or CREST CCSAS or CREST CCSAM
Why work with NCC Group?
At NCC we work together as one team to exceed expectations and add value. We empower each other, take responsibility, communicate openly, and embrace new ideas. With a proactive approach and a commitment to continuous learning, we adapt to change, solve problems, and keep customers at the heart of everything we do.
We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, to make the world safer and more secure.
Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business… https://www.nccgroup.com/uk/
What we offer
⏰Flexible working
💸 Financial & Investment -Pension, Life Assurance, Share Save Scheme, Maternity & Paternity leave
🙋🏾Community & Volunteering Programmes
⚡ Green Car Scheme
🚴 Cycle Scheme
🧑🏻🤝🧑🏻 Employee Referral Program
🧘🏻 Lifestyle & Wellness via Perkbox -access to discounts on gym memberships, cinema tickets, shopping and more!
🎓 Learning & Development with the goal of personal development and progression
So, what’s next?
If this sounds like the right opportunity for you, then we would love to hear from you! Click on apply to this job to send us your CV and the relevant member of our global talent team will be in touch with you. Alternatively send your details to global.ta@nccgroup.com .
About your application
We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.
If you do not want us to retain your details, please email global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy (candidate-privacy-notice-261023.pdf (nccgroupplc.com)). We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory C Cloud CORIE CREST EDR Exploit MacOS Privacy Red team Vulnerabilities
Perks/benefits: Career development Flex hours
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.