Purple Team Operator (Hybrid set up)

Join Swiss Re and strengthen our cybersecurity defenses in a new role as a Purple Team Operator. In this position, you'll lead simulations, bridge collaboration between offensive and defensive security efforts, and ensure proactive protection against cyber threats. This hybrid role combines the expertise of Red and Blue teams, fostering both attack simulation and detection refinement to build a resilient security posture.

 

 

About The Role and Team

Swiss Re's Chief Security Office is the core of cybersecurity efforts across the company. As a Purple Team Operator, you will play a key role in fortifying Swiss Re’s defenses by emulating threat actor techniques and collaborating with various cybersecurity teams. Your insights will be pivotal in validating detection rules, refining incident response playbooks, and closing gaps in real-time threat mitigation.

We're looking for a cybersecurity expert skilled in both offensive and defensive techniques who can creatively challenge our systems while ensuring response strategies stay one step ahead. Join Swiss Re's healthy and transparent risk culture where everyone engages in continuous risk accountability activities.

 

 

In your role, you will...

 

• Plan and execute attack simulations: Develop realistic threat scenarios and simulations to test current detection and response controls, aligning with frameworks like MITRE ATT&CK.
• Analyze and improve security controls: Evaluate the effectiveness of detection mechanisms and work with team members to address security gaps.
• Develop and refine detection rules: Create or improve detection rules to strengthen the SOC’s visibility and responsiveness.
• Threat emulations: Based on obtained Threat Intel, conduct threat emulation and simulations to test and improve security measures for emerging threats for Swiss Re.
• Analyze Threat Intel: Analyze adversarial TTPs (Techniques, Tactics, and Procedures) and use frameworks such as MITRE ATT&CK to simulate real-world attacks
• Oversee automatic detection regression platform: Ensure the security detections maintain effectiveness over time, catching any degradation through routine re-check automations.
• Manage automatic detection regression platform development: Drive the development for further evolution of the platform, keeping it robust and responsive.
• Multiple teams collaboration: Collaborate between Red, Blue, Threat Intel, Detection Engineering, and Platform Engineering teams to validate detection and response capabilities.

 

 

Your qualifications

 

• Experience: Proven experience as a cybersecurity analyst, incident responder, or blue team in a SOC/CSIRT environment; hands-on experience with adversary simulations and/or Purple Team exercises
• Blue Team Expertise: experience with SIEM tools, scripting (Python, Kusto), and cloud platforms to build and automate detection mechanisms. Competence with SIEM platforms, network monitoring, and other SOC tools.
• Technical Proficiency: Strong understanding of current threat landscapes, offensive techniques, and detection engineering; familiarity with industry-standard frameworks such as MITRE ATT&CK, OWASP, and Kill Chain methodologies.
• Collaborative Skills: Ability to work across teams, translating technical insights into actionable improvements.
• Technical Writing Skills: Skilled at documenting complex concepts and presenting them to technical and non-technical audiences alike.

 

 

Nice to have

 

• Experience offensive security: hands-on experience conducting attack simulations or penetration testing assessments.
• Incident Response and Analysis: Knowledge of malware analysis, exploit development, and reverse engineering.
• Certifications: Certifications like OSCP or GIAC that demonstrate advanced understanding of offensive and defensive security.

 

 

We are looking forward to your application! We provide feedback to all candidates via email. If you have not heard back from us, please check your spam folder.

 

 

For Spain the base salary range for this position is between [EUR 60,000] and [EUR 100,000] per year (for a full-time role). The specific salary offered considers: 
•    the requirements, scope, complexity and responsibilities of the role, 
•    the applicant’s own profile including education/qualifications, expertise, specialization, skills and experience. 

In the situation where you do not meet all the requirements or you significantly exceed these, the offered salary may be below or above the advertised range.
In addition to your base salary, you may be eligible for additional rewards and benefits including an attractive performance-based bonus.

 

 

About Swiss Re

 

Swiss Re is one of the world’s leading providers of reinsurance, insurance and other forms of insurance-based risk transfer, working to make the world more resilient. We anticipate and manage a wide variety of risks, from natural catastrophes and climate change to cybercrime. Combining experience with creative thinking and cutting-edge expertise, we create new opportunities and solutions for our clients. This is possible thanks to the collaboration of more than 14,000 employees across the world.

Our success depends on our ability to build an inclusive culture encouraging fresh perspectives and innovative thinking. We embrace a workplace where everyone has equal opportunities to thrive and develop professionally regardless of their age, gender, race, ethnicity, gender identity and/or expression, sexual orientation, physical or mental ability, skillset, thought or other characteristics. In our inclusive and flexible environment everyone can bring their authentic selves to work and their passion for sustainability.

If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience.

 

 

Keywords:  
Reference Code: 132187