Red Team Operator - Senior Level

SpearTip, a company of Zurich’s Red Team, emulates real-world attacks by conducting targeted operations that replicate the tools, tactics, and procedures (TTPs) of threat actors. Lead research with the goal of developing new TTPs to improve attack efficacy and assist with defensive efforts. Partner with other teams to develop tooling and instrumentation to enhance our detection and response capabilities. The Red Team, in this role, will coach and mentor team members to enhance their capabilities.Tasks:Conduct and/or support authorized adversarial emulations on enterprise network assets.Create reports and recommendations from findings, including issues uncovered and levels of risk.Collaborate with other internal and external partner organizations on target access and operational issues.Create comprehensive exploitation strategies that identify exploitable technical or operational vulnerabilities.Support in Penetration Tests and help develop the red team offering.Required Skills:Bachelor's degree and 5 or more years of experience in the Information Technology area ORZurich Cybersecurity Technician Apprentice, including Cyber Security Certification and 6 or more years of experience in the Information Technology area ORHigh School Diploma or Equivalent and 7 or more years of experience in the Information Technology area ANDMS Office experience ANDKnowledge of Cyber Security Operations.Preferred Skills:2-3 years planning or leading and 3-5 years conducting Red Team operations.Expertise with commodity and advanced threat actor TTPs.Capacity to relate findings of offensive engagements to both executive and technical audiences.Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.Knowledge of evasion strategies and techniques (A/V, WAF, NGAV, EDR, etc.).Develops, creates, maintains, and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs.Experience with red teaming and covert computer exploitation.Experience with malware development.Experience in exploit development and reverse engineering.Experience building, deploying, and managing offensive security operational infrastructure.Knowledge of Unix/Linux and Windows operating systems structures and internals (e.g., process management, directory structure, installed applications).Experience with leveraging open-source penetration testing tools including Metasploit or the Kali Linux toolset.Experience working in a Purple Team environment testing and building detections.Experience with common command and control and post-exploitation frameworks (Cobalt Strike, Mythic, Covenant, Metasploit, etc.).Conducted open-source intelligence gathering and social engineering.Compensation:Compensation for roles at Zurich varies depending on various factors including but not limited to the specific office location, role, skill set, and level of experience. The starting salary range for this position is $96,300.00 - $157,700.00.Location(s):

AM - Remote Work (US)Remote Working:

YesSchedule:

Full TimeEmployment Sponsorship Offered:

No

#J-18808-Ljbffr