Job Accountabilities

Ø To provide second level of assurance as per the Group Information security Policy and practises for Businesses as well as various functional areas of IT

Ø Perform Red Team Missions as per plans and w.r.t Environmental situation and ongoing developments across globe

Ø Identify control gaps and opportunities for improvements.

Ø Document the results of Red Team Missions in accordance with documentation guidelines

Ø Report and Guide Blue Team on improvements of controls

Ø Setup/ Enhance Red Team Lab/ Weapons to improve effectiveness of Red Team Testing methodologies and technique.

Technical Knowledge & Skills

1.    Understanding of MITRE Framework and Kill Chain 

2. Experience on Open-Source Intelligent Gathering

3. Experience in Active Directory/ Authentication Services Security testing

4. Experience in Network Pentesting

5. Experience in infrastructure Pentesting

6. Experience in Red Teaming (External or Internal) and understanding of protection controls 

7. Knowledge of Metasploit / PowerSploit / Mimikatz / Impacket / Cobalt Strike / any CnC framework

8. Bypass Securtiy Controls / Security Solutions 

Skills Required (Knowledge and Skills)

1. Good understanding of system internals

2. Good understanding of OSI Layers and networking concepts

3. Understanding of common Application architecture, different components and structure 

4. Scripting language in Python / Powershell (security testing script/ utility/ tool development)

5. Programming language c / c++

6. Conversant with Global Threat Updates and developments around Hacking/ Penetration Testing approaches

7. Conversant with all global standards for Information security

Key Attributes (Experience and Qualifications)

1.      BE/B.Tech/ME/M.Tech/MCA/MS from a reputed/recognized institute

2.      3-5 years of experience in IT or Information Security Domain plus 1-2 years’ experience in Penetration Testing/ Ethical Hacking

3.      Any Security Certification i.e. CEH / OSCP / OSCE / CRTP / CRTE / any offensive security certification

Desirable-

1.       Knowledge of Exploit development / Exploit modification

2.      Exposure on Security Research/ Ethical Hacking activities