Red Team Security Analyst

Team: Cyber Resilience & Defence

Designation: Red Teaming/Security Assurance Analyst

Job Role:

Experience:

Shifts

support & be available on call when required.

Essential Technical skills:

Solid experience in Red Teaming assessments, utilizing both offensive and defensive cyber techniques.

Proficiency with the MITRE ATT&CK framework and its application in cyber defense strategies.

Strong understanding of Cyber Threat Intelligence sources, methods, and analysis.

Proven capability in threat-hunting methodologies and tools.

Hands-on experience in Digital Forensics and Incident Response (DFIR)

investigations.

Design and Development of Techniques and Tactics:

1. Physical Social Engineering Attacks: Conducting covert operations that involve manipulating individuals to gain physical access to secure areas or sensitive information, including tactics such as tailgating, pretexting, and impersonation.

2. Rapid Payload Prototyping: Developing and deploying customized malware and exploits quickly to simulate real-world attack scenarios, enabling the testing and improvement of an organization’s defensive measures.

3. Effective Scenario Development Based on Use Cases: Crafting realistic and relevant attack scenarios that are tailored to an organization’s specific environment and threat landscape, ensuring that the Red Teaming exercises are impactful and aligned with real-world threats.

Excellent analytical and problem-solving skills, with the ability to think strategically and act tactically in high-pressure situations.

Effective communication skills, with the ability to convey complex technical

information to non-technical stakeholders.

Relevant certifications (e.g., OSCP, CISSP, GIAC) are advantageous.

Non-Technical Skills –

• Clear and concise communication of technical information to non-technical stakeholders, fostering understanding and informed decision-making.
• Analytical ability to identify root causes of cyber issues, assess risks, and propose practical solutions in dynamic environments.
• Proven capability to work effectively in cross-functional teams, leveraging diverse perspectives to achieve cybersecurity objectives.
• Efficient prioritization and task management to meet deadlines in high-pressure situations, ensuring timely response to cyber incidents.
• Readiness to adapt to evolving cybersecurity threats and technologies, with a commitment to continuous learning and professional development.