Applicants for this position should be able to display leadership and business judgment in anticipating client/project needs and developing alternative solutions.
- Compromising the target’s security by extracting information, infiltrating its systems, or breaching its physical perimeters.
- Avoiding detection by the blue team. Many attacks occur over a fleeting period of time, making it extremely tricky for the blue team to neutralize the threat before the ‘damage’ is done.
- Exploiting bugs and weaknesses in the target’s infrastructure. This highlights gaps in the organization’s technical security that require fixing, thus improving its security posture.
- Initiating hostile activity – including sophisticated penetration testing – giving a reliable assessment of the blue team’s defensive capabilities.
The must-have skill sets
- Initial reconnaissance – open-source intelligence (OSINT) for collecting information on the target.
- Deploying command-and-control servers (C&C or C2) to establish communication with the target’s network.
- Using decoys to throw the blue team off the scent.
- Applying social engineering and phishing techniques to manipulate employees into exposing or revealing information to compromise their machines.
- Physical and digital penetration testing
- Network penetration testing and manipulation of network infrastructure
- Shell scripting or automation of simple tasks using Perl, Python, or Ruby
- Developing, extending, or modifying exploits, shellcode or exploit tools
- Reverse engineering malware, data obfuscators, or ciphers
- Thorough understanding of network protocols, data on the wire, and covert channels
- Mastery of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell
- Build security tools and Automation Red Teaming Workflow
- Utilize Threat Modelling methodologies to identify threats and shape Red Team operations
- Understanding of Mitre’s ATT&CK Framework
- SANS and Offensive Security certifications are highly desirable
- Web Penetration Testing (OWASP and SANS)
Equal employment opportunity
Rezilyens is an equal opportunity employer and is dedicated to fostering an inclusive and diverse environment for employees from all walks of life. We hire based on talent and we’re proud of our global perspective.