This job posting has expired and is not currently open to any applications.
Job Description
- Lead Red Team Engagements: Plan and carry out advanced red team operations, emulating APT-level adversaries using threat intelligence and the MITRE ATT&CK framework.
- Custom Tool Development: Design, build, and maintain tailored offensive tools, payloads, and stealthy C2 infrastructure (e.g., Cobalt Strike, Mythic, Sliver, custom implants).
- Bypass & Evasion: Perform advanced threat emulation exercises focused on bypassing EDR/XDR solutions, SIEM rules, and detection engineering using techniques such as DLL sideloading, LOLBins, and custom malware.
- Deep Penetration Testing: Conduct full-spectrum penetration tests on networks, applications, APIs, containers, and cloud environments using tools like Burp Suite, Nmap, BloodHound, Impacket, and custom scripts.
- Cloud & Cross-Platform Attacks: Exploit vulnerabilities in Windows, Linux, macOS, and across AWS, Azure, and GCP. Perform privilege escalation, lateral movement, and cloud service abuse.
- Azure Security Focus: Experience identifying security risks in Azure environments—AKS, Azure AD, Key Vault, NSGs, and Azure Security Center.
- Social Engineering: Plan and execute targeted phishing, pretext calls, and physical assessments to test human and procedural vulnerabilities.
- Offensive Automation: Develop and automate offensive operations using Python, PowerShell, Bash, or C/C++. Build custom droppers, loaders, and API-driven attack workflows.
- Reporting & Documentation: Deliver detailed technical reports, attack chains, POCs, and prioritized mitigation strategies for security engineering and SOC teams.
- Purple Teaming: Collaborate with SOC, detection, and incident response teams to co-design detection logic, threat hunts, and improve telemetry coverage.
Skills
- 7+ years of hands-on experience in red teaming, offensive security, or advanced pentesting.
- Expertise in adversary simulation, threat emulation, and MITRE ATT&CK-based operations.
- Deep understanding of offensive security toolkits and infrastructure:
  - Cobalt Strike, Mythic, Sliver, Empire, Metasploit, Covenant
  - BloodHound, Mimikatz, Responder, Burp Suite, Nmap, Impacket
- Skilled in scripting and exploit development:
  - Python, PowerShell, Bash, C/C++
- Strong knowledge of networking protocols and systems:
  - TCP/IP, DNS, SMB, LDAP, Kerberos, Active Directory, Azure AD
- Strong communication skills, with the ability to create both technical and executive-level reports.
- Certifications (Preferred)
  - Offensive Security: OSCP, OSCE, OSEP, OSEE, CRTO
  - SANS/GIAC: GPEN, GXPN, GCPN, GREM
  - Cloud Security: AWS Security Specialty, Azure SC-100