Security Consultant - Red Team

Role: Senior Security Consultant - Red Team 
Location: Madrid (Hybrid) 

Thank you for checking out our job opening!  We are excited that YOU are interested in learning more about NCC Group. 

The Role: 

• You’ll be involved in every aspect of the attack chain, from social engineering and initial access to evading best-in-class EDR products and lateral movement. 

• Operational security and safety of target environments are critical. You’ll leverage your extensive experience managing operational risk and communicating with client stakeholders to mitigate risks throughout all Red Team activities. 

• You will lead in capability development and tool creation to automate activities or exploit weaknesses identified in the environment. 

• Lastly, you’ll apply your high standard of written English for reports and presentations, briefing both technical and C-level audiences on your activities and findings. 

Key Accountabilities: 

• Simulate adversarial attacks: Design and execute cyber-attack scenarios to identify vulnerabilities in infrastructure, applications, and processes, working with high-maturity clients and recognized regulatory frameworks. 

• Report and advise: Present findings and risks to stakeholders, offer actionable recommendations, and write attack narratives for non-technical readers. 

• Engage and collaborate: Work independently and as part of a team, building strong relationships with colleagues, clients, C-level teams, and security departments to maximize value. 

• Always learn: Stay updated on the latest adversarial techniques, tools, and cybersecurity trends, sharing successful methods and introducing new ones when appropriate. 

• Mentor and train: Act as a resource for junior team members and other departments, imparting knowledge on current threat vectors and best practices for defense. 

What We’re Looking For: 

• Demonstrable experience in advanced red teaming. 

• Experience working with global regulatory schemes (CBEST, TIBER, CORIE, AASE, iCAST, FEER). 

• A comprehensive understanding of most of the following domains: 

Cloud platforms and security mechanisms 

Microsoft Active Directory & Office 365 Security 

EDR/EPP bypasses 

Email Gateways and Filters 

Web Gateways and Proxies 

MacOS client environments 

• Proactive, team-oriented, and adept at problem-solving. 

• Familiarity with Spain's cybersecurity regulations, standards, and best practices. 

• CREST certifications (CCT-INF, CCSAS, or CCSAM) are a plus. 

About NCC Group: 

We are passionate about helping our customers protect their brand, value, and reputation against the ever-evolving threat landscape. We fuel this passion by investing in our people and our business. 

We strive to create an environment where all colleagues feel psychologically, emotionally, and physically safe to be authentic, share their personal experiences, and represent the diversity of the world they live in. We also ensure equal opportunity for everyone to achieve their best. 

Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation businesses: NCC Group 

Benefits: 

• Competitive salary and package 

• Lifestyle and wellness benefits 

• A truly hybrid role that promotes a healthy work-life balance 

• Additional perks to enhance your day-to-day life 

About Your Application: 

We review every application received and will contact you if your skills and experience align with what we’re looking for. If you don’t hear back from us within 10 days, please don’t be discouraged – we may keep your CV on file for future vacancies and encourage you to continue checking our career opportunities for other roles that might be a good fit. 

If you’d prefer us not to retain your details, please email us at global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please let us know at any stage. 

Please Note: 

This role requires background clearance due to the nature of the work NCC Group performs. To apply, you must be willing and able to undergo the vetting process.