Wednesday, June 1, 2016

Opening for Manager - Cyber Security Red Team with National Bank of Abu Dhabi

Job description

PURPOSE OF JOB:

The Cyber Security Red Team’s purpose is to ensure the security and resiliency of the Bank’s computing environment, protect customer and employee confidential information, and comply with regulatory requirements globally. We accomplish this through strong information security leadership and active collaboration with line of business risk managers to provide high quality security solutions and services that are focused on improving the Bank’s security and risk posture.

The Cyber Security Red Team Lead is tasked with building and leading a team of qualified and highly skilled attack operators who identify and contain advanced cyber security threats targeting the bank. The successful candidate will have a proven track record in leading advanced network exploitation operations, including Cyber Red Team operations. Additionally, candidates will have proven experience with in-depth technical analysis of computer networks culminating in the identification of existing and potential vulnerabilities that, if exploited, would allow unauthorized access to NBAD Group systems.

TASK:

  • Respond to emerging threats such as APT and other forms of targeted attacks, organized crime, etc.
  • Plan, lead and conduct attacks on internally or externally hosted applications and infrastructure on a global scale with an emphasis on critical functions targeted by adversaries.
  • Communicate areas for improvement to Senior leadership team to improve the overall effectiveness of attack emulation activities.
  • Design and develop scripts, frameworks, tools and the methods required for facilitating and executing complex attacks and emulating adversarial TTPs.
  • Malware analysis and malware reverse engineering to extract indicators of compromise to be used to support testing and hunting activities.
  • Bespoke development of malware/rootkits and customization of existing malware to emulate adversarial capabilities.
  • Assemble and coordinate with the Intrusions and other teams at NBAD to resolve security incidents as quickly and efficiently as possible.
  • Communicate status of missions and hunting activities to Senior leadership.
  • Ensure effective knowledge management of findings and review results of any attack campaign in order to determine severity of findings and identify potential remediation or mitigation strategies.
  • In-depth research of the latest adversarial TTPs and technologies to remain at the bleeding edge.
  • Mentor and train more junior staff in attack techniques, tool/exploit development, intelligence analysis and adversarial tactics.
  • Work closely with Blue Team members to help improve the team’s abilities in Detection, Prevention, and Response capabilities.

Desired Skills and Experience
Basic Qualifications:

Master’s Degree in Cyber Security, Computer Science, Technology related fields and/or equivalent industry experience
Overall 10 years of Information Security experience with two of the following:
  • At least 5 years experience performing network penetration testing
  • At least 5 years experience performing application security assessments
  • At least 5 years experience with Cyber Red Team operations
  • At least 5 years experience performing and leading network exploitation operations.

Demonstrated experience leading and managing cyber operations and personnel.
Advanced knowledge of networking fundamentals (all OSI layers)
Advanced knowledge of the Windows and *NIX operating systems to include boot process through understanding of the execution flow of boot time processes
Strong knowledge of software exploitation (web, client-server and mobile) on modern operating systems
Strong understanding of Red Team and Penetration testing methodologies and tools
Familiarity with interpreting log output from networking devices, operating systems and infrastructure services
Must be able to manage new and existing cyber security requirements, ensure personnel are fully trained and certified via internal NBAD Group standards, and implement control and risk procedures to ensure all Red Team operations are conducted in strict accordance with NBAD Cyber Security standards and directives.

Preferred Qualifications:

OSCP, OSCE, OSWP, GPEN, GWAPT, GMOB, GAWN, GXPN, GCIH, CPT
2+ years of experience with threat modeling concepts and frameworks (STRIDE, DREAD, FAIR, etc.)
