Red Team Lead

Red Team Lead – US

About LRQA

LRQA is an award-winning provider of Cyber Security and Assurance, Incident Response and Technology services to organizations across the world.
We have teams that offer world class services in red teaming, penetration testing, threat intelligence, research and development, detection and response, governance, risk, and compliance, and plenty more. Our business is global and so are our clients. We work closely with central banks, central and local government, critical national infrastructure, large retailers, and plenty more besides!

We are looking for the right people to join us as we embrace the challenges thrown up by the advancements within the cyber security industry and within the threats faced. LRQA will be at the forefront of this arena and we want to seek the right people to join the team and make it happen.

You can find out more about us at https://www.lrqa.com
If you want to review our research and tooling, then head on over to https://www.lrqa.com/en/cyber-labs

The role

We have a dedicated Red Team within our business and due to continued growth we are hiring a Lead Security Consultant to be part of our Red Team.

In this role you will be expected to lead and deliver adversary simulation engagements, orchestrating and supporting your team to deliver on agreed objectives. You will be expected to work in challenging environments and deliver under pressure, while maintaining good working relationships with customers. Whilst the role focuses on a high level of competence in technical delivery, it also requires an equally high level of aptitude for consultancy and management, influence and presentation skills.

As a Red Team Lead, you will be required to lead and mentor other members of the team while working with and debriefing executive teams, company boards or regulators.

Every year, we deliver a large number of red teaming engagements for a variety of prestigious clients. The typical delivery time frame is in the region of weeks to months. We start with a threat intelligence phase in order to ensure maximum realism and then we move on to a multi scenario attack phase. Finally, we place great emphasis on detection and response. We see the blue team as our customer and so we go on site to conduct an incident response maturity assessment with them at the end of the engagement.

What you will be doing in your role:

In your role you will:

• Plan and execute complex Red and Purple team engagements, Penetration tests and Social Engineering Assessments.
• Take ownership for continued improvement of both the reporting templates and the mentorship of others not achieving high quality reports.
• Deliver both technical and management debriefs, up to executive level.
• Support, contribute to and deliver a number of LRQA training programs, namely LRQA’s Red Team training course.
• Maintain a good working knowledge of Blue team tactics/capabilities, specific to people, processes and technologies. Support and delivery Detection and Response (DRA) assessments and reports where necessary.
• Maintain a good working knowledge of threat actors and their Tactics, Techniques and Procedures (TTP’s).
• Assist Project Delivery in planning and arranging Red team activities, assigning personnel and managing workloads.
• Co-ordinate delivery of Red Team risk workshops, Threat Intelligence handover and project setup meetings with customers.
• Create robust and coherent test plans and provide quality assurance of test plans.
• Support the Global Red Team operation by being able to travel both domestically and internationally, while operating in multiple time zones where necessary.
• Maintain a proficient knowledge of regulatory frameworks, laws and their legal implications, operational security and its impacts on the team.
• Carry out or support technical research that increases LRQA’s delivery capability and industry awareness.
• Support the sales team in procurement of red team services:
• Responding to RFP’s and other proposals.
• Presales to support the effective communication of the red team service and set appropriate expectations.
• Onsite presentation of red team service to executive level audiences.
• Regular training provided to the sales team to upskill the knowledge of the red team service and current terminology.
• Reporting:
  • Create high quality and thorough technical and management reports, which are appropriately directed to their intended audience.
  • Providing Quality Assurance services, confirming either the relevant technical or management quality, as well as the report being coherent and written to a high standard.
• Coach and mentor Red Team members, providing support to all aspects of the job, technical, procedural and social.
• Maintain and abide by the Red Team methodology and supporting documentation/processes. This includes leading change were deemed necessary,  and continuing to improve the service.
• Create tools and procedures to assist in improving process, continuity and business growth.
• Drive internal initiatives through both request and observation, specific to improving the Red Team service or LRQA’s commercial presence.
• Maintain a focus on client objectives and have the ability to manage time and client expectations.
• Help maintain and further develop the LRQA brand reputation across the industry, this could be in the form of training, workshops, conference talks or blogs.

Key skills:

You will need the following:

• Demonstrable strong technical, social and presentation skills.
• Demonstrate strong influence, negotiation and relationship management skills.
• Demonstrable strong written and speaking English skills.
• Demonstrable strong analytical/problem solving skills.
• Demonstrable strong ability to lead, teach, present and inspire the wider team.
• High proficiency with multiple C2 frameworks and capable of modifying or creating tooling to overcome technical challenges.
• Ability to work and deliver under pressure in a worldwide organization.
• Knowledge and experience in scripting or programming languages in order to develop custom scripts or tools.

Desirable Knowledge & Experience:-

• Knowledge of adversary tactics against Apple heavy environments.
• Understanding of global regulatory landscape for technology and cyber risk experience in any of the common regulated frameworks (such as CBEST, I-CRT, TIBER-EU, C-RAF iCAST, AASE, TIBER-FI, CORIE, FEER)
• Conducting threat modelling
• Experience of defining strategies, methodologies, processes and procedures required to create a successful security strategy.

What we offer:

We offer an exciting working environment with intellectual challenges, responsibility and a high level of client interaction. An attractive remuneration package will be negotiated with the right candidate. The role provides a platform to work as part of a global team simulating highly advanced attacks against a range of businesses, using sophisticated tooling, including tools developed internally and commercially available C2 frameworks.

To maintain the high standards of delivery, consultants will also be given research and development time to build new tooling and spend time in our lab environment testing against a number of EDR solutions. This opportunity along with the work that we do provides a chance to make a real difference and help businesses better defend themselves from future attacks.

So, if you’re the kind of person who loves deep technical challenges and a fantastic work environment, we welcome your interest. Please do visit our website to understand more about how we develop our people, work on cutting edge engagements and offer multiple career progression paths.

The range of benefits we offer includes:

• Medical, Dental & Vision Insurance
• Generous vacation time and paid holidays
• 401(k) Plan and Company Matching Contributions
• Employee Assistance Program (EAP)
• Flexible Spending Account (FSA) and Commuter Benefits Program Available