Senior Cyber Red Team Analyst

As a Senior Cyber Red Team Engineer at Equifax, you'll be at the forefront of our global defense strategy, emulating real-world threats and challenging our security measures. You'll have the autonomy to design and execute complex Red & Purple Team operations that will directly enhance our resilience against evolving cyber threats.

This is an opportunity to make a tangible impact, working alongside top-tier cybersecurity talent and influencing the protection of millions. If you're a highly motivated individual with a proven track record in offensive security and a desire to shape the future of cybersecurity, we want to hear from you.

What you’ll do:

• Lead the design and execution of realistic Red & Purple Team operations with the aim of identifying vulnerabilities and strengthening our defenses.
• Help shape security standards by collaborating on the development, implementation, and testing of Equifax's security controls.
• Stay ahead of the threat landscape by partnering with Threat Intelligence and other Cybersecurity teams to research, analyze, and investigate emerging threats.
• Elevate our cyber readiness by creating and leading comprehensive simulation programs to enhance our Cybersecurity detection, response, and investigation capabilities.
• Foster collaboration by building strong relationships with Security and IT leaders across business units, promoting a culture of shared responsibility for cybersecurity.
• Drive continuous improvement by delivering detailed reports and insights to management, audit, and stakeholders, ensuring identified risks are prioritized and addressed.
• Act as a trusted advisor, providing expert support to Audit and external clients, showcasing your deep knowledge and commitment to security excellence.
• Manage external expertise by planning, coordinating, and overseeing third-party, threat-based assessments, ensuring they align with our strategic objectives.

What experience you need:

• Required bachelor's degree in Computer Science, Information Technology, Cyber Security and Information Assurance or related field
• Minimum of 5 years of experience performing in Cyber Security related roles
• Minimum of 2 years experience with command and control frameworks such as Cobalt Strike and Silver.
• 2+  years of experience in Cloud based platform environments (Preferably Google or AWS).
• 2+ years of experience implementing command and control framework customizations.
• 2+ years of experience in basic networking fundamentals, e.g., IP, TCP, UDP
• 2+ years of experience with one of the following scripting languages: Python, Perl, Ruby
• 2+ years of experience reviewing source code for security flaws
• 2+ years of experience in development/modification of exploits, shellcode and associated tooling
• English language proficiency B2+ minimum (Emmersion Test)

What could set you apart:

• Industry certifications: Certified Ethical Hacker (CEH) certification, GPEN (GIAC Penetration Tester), OSWE (Offensive Security Web Expert), Certified Red Team Operator, or Offensive Security Certified Professional (OSCP) preferred.
• Portfolio of software development projects, research, or documentation of implementing lab environments relating to information security
• Experience automating cloud technologies via API call
• Understanding of MITRE ATT&CK framework
• Understands  *NIX and Windows operating system functionality.
• Will be an enthusiast, “all things Cyber”, who attends trainings, conferences, home labs, etc.
   

Primary Location:

CRI-Sabana

Function:

Function - Security Governance and Compliance

Schedule:

Full time