Offensive Security specialist

Job Title: Offensive Security Specialist (Red Team)

Department:

Location:

Job Type:

Reports To:

Position Overview:

Red Team Offensive Security Specialist

Key Responsibilities:

1. Red Team Operations & Attack Simulation

• Design and execute full-scope adversary emulation campaigns against internal systems, networks, and identified assets
• Simulate advanced persistent threats (APTs), insider threats, and targeted attack scenarios using TTPs derived from real-world intelligence
• Conduct physical and cyber infiltration testing of sensitive networks and secure zones (where authorized)

2. Threat Emulation and Nation-State Tactics

• Emulate the tactics, techniques, and procedures of known hostile foreign actors and cyber warfare units
• Integrate threat intelligence feeds to align Red Team exercises with evolving global threat landscapes
• Execute covert testing (assumed breach, initial access, lateral movement, and exfiltration) without disrupting services

3. Advanced Tooling and Exploitation

• Customize and develop zero-day exploitation chains, payloads, and implants
• Maintain and operate stealth C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic, Empire)
• Bypass defense-in-depth controls such as SIEM, EDR, NDR, hardened OS environments, and advanced firewalls

4. Technical Reporting and Strategic Advisory

• Deliver detailed technical debriefs and executive-level threat simulation reports
• Collaborate with Blue Team, SOC, and CTI teams to test and tune detection rules and response playbooks
• Recommend enhancements to cyber defense posture based on operational findings

5. Confidentiality and Operational Discipline

• Work in a high-security, with strict operational protocols
• Handle classified data with absolute discretion and compliance to national laws
• Follow secure coding, storage, and usage procedures for Red Team tooling

Preferred Skills and Experience:

• Minimum 5+ years in offensive security / Red Teaming,
• Expert knowledge in:
• Offensive Windows & Linux security
• Advanced network pivoting, traffic obfuscation, and lateral movement
• Active Directory abuse, Kerberos attacks, and credential theft
• Binary exploitation, shellcode development, AV/EDR evasion
• Fluency with frameworks such as MITRE ATT&CK, D3FEND, Cyber Kill Chain
• Strong scripting and tooling development skills (Python, PowerShell, Bash, Go, or C++)
• Experience operating in air-gapped and sensitive environments

Preferred Qualifications:

• Bachelors Degree or equivalent
• Certifications:
• OSCP, OSEP, CRTO II, OSCE3, GPEN, GXPN, GCPN
• Prior experience in:
• Critical infrastructure (SCADA/ICS) Red Teaming will be an advantage
• OPSEC procedures and classified engagement protocols