Cambridge, GBR
88 days ago
Red Team Operator
**AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals and minerals – safely, efficiently and more sustainably.**

**We’re the first software business in the world to have our sustainability targets validated by the SBTi, and we’ve been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We’ve also recently been named as one of the world’s most innovative companies.**

**If you’re a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers (https://www.aveva.com/en/about/careers/).**

**For more information about our privacy policy and how to manage cookies, visit our Privacy Policy (https://www.aveva.com/content/dam/aveva/documents/recruitment/Recruitment-Candidate-Fair-Processing-Notice-AVEVA.pdf).**

**Red Team Operator**

**1.1** **Primary Duties**

+ Assist the Red Team Security Manager in performing Red Team engagements and operations.
+ Assist the Red Team Security Manager in executing full-spectrum attack simulations (technology, social, physical).
+ Perform research to identify novel attack paths for ongoing and future Red Team engagements.
+ Research trends with regard to adversary tactics, techniques, and procedures, targeting, malware development and implementation.
+ Support the Red Team Security Manager with network/infrastructure design and maintenance for Red Team engagements.
+ Assist with automation of infrastructure and tool development.
+ Participate in ongoing interactive Purple teaming activities through use of tools and manual testing.
+ Support the Red Team Security Manager in automating attack techniques, creating custom tooling for specific operations and contributing to general-purpose open-source tools.
+ Write detailed reports covering the goals and outcomes of Red Team operations, including significant observations and recommendations.
+ Collaborate with AVEVA’s Cyber Security Response Team to improve detection and response capabilities.
+ Collaborate with AVEVA’s Security Operation Team to propose defensive improvements to AVEVA’s environments.
+ Collaborate with AVEVA’s Governance, Risk and Compliance (GRC) Team to propose process and policy enhancements and additions.
+ Collaborate with AVEVA’s Vulnerability Management Team to prioritise remediation, mitigation, and exploitable vulnerability findings & severity.
+ Collaborate with AVEVA’s Cyber Threat Intelligence & Hunting Team to provide adversarial-perspective input and prioritise ongoing and future Red Team engagements.
+ Collaborate with AVEVA’s Security Awareness and Culture team to communicate information security policies, processes, and procedures across the business.
+ Create and maintain Red Team documents to ensure these align with the AVEVA Red Team vision and maturity plan.
+ Report to the Red Team Security Manager concerning security events & trends, residual risk, vulnerabilities, and other security exposures.

**1.2** **Additional Duties**

+ Assist the Cyber Security Response Team and Security Awareness Analyst with regular phishing campaigns to help educate employees, consultants and contractors working for AVEVA, using incident data to target risky user groups.
+ Support the Red Team Security Manager in researching and assessing new threat intelligence and security alerts, and tailor Red Team engagements accordingly in conjunction with the vulnerability management team.
+ Improve AVEVA’s Red Team service procedures and red team playbooks.
+ Support the Red Team Security Manager with control improvements, identifying control weaknesses and contributing to vulnerability advisories.
+ Maintain awareness of applicable regulatory standards, upstream risks, and industry-leading security practices.
+ Provide feedback and recommendations on existing and new security tools and techniques for the improvement of analysis, incident investigation and security controls.
+ Assist with reviewing and onboarding Red Team technologies and tools.
+ Contribute through security advisories, blogs, and other communication channels on current and emerging security threats to AVEVA assets and people via the security awareness programme.

**1.3** **Educational Qualifications**

+ Several years’ experience in at least three (3) of the following:
  + Red team operation and engagement
  + Network penetration testing and manipulation of network infrastructure
  + Mobile and/or web application assessments
  + API Security Testing
  + Email, phone, or physical social engineering assessments
  + Shell scripting or automation of simple tasks using Perl, Python, or Ruby
  + Developing, extending, or modifying exploits and shellcode using offensive tools, e.g. Pentesting Framework, Cobalt Strike, Core Impact, Burp, etc.
  + Reverse engineering malware, data obfuscators, or ciphers
  + Source code review for control flow and security flaws
  + Application security review and testing
  + Security risk assessment
+ Bachelor's degree in information systems or equivalent work experience in a relevant information and cyber security domain.
+ A security certification from a recognised organisation such as ISC2, CompTIA, EC-Council or SANS Institute, or other relevant security certifications, is an advantage.
+ Good knowledge of tools used for mobile, wireless, web application, cloud infrastructure and network security testing.
+ Good understanding of network protocols, data on the wire, and covert channels.
+ Good hands-on knowledge of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell.
+ Good presentation skills, at both technical and non-technical levels.
**1.4** **Technical Competency and Experience**

+ Hands-on mentality, with experience in red teaming and ethical hacking – from technical skills to soft skills
+ Offensive security experience and mindset: creating red teaming attack scenarios, weakest entry point, creative approach, multiple methods testing, stealthy approach, pivoting, social engineering, phishing and physical security and anything involving the human element.
+ Experience with various technologies and comfortable picking up more (OS / tools / development languages / online technologies etc.)
+ Ability to stay on top of the fast-changing mindset of red teaming TTPs and the tools that go with it to offer successful red team services.
+ Understand the defensive side, blue team, Security Operations Center (SOC), and security monitoring and response (SIEM, IDS/IPS etc), as well as EDR (e.g., for bypasses), overall monitoring, detection and indicators of compromise, and creating effective red team activities to test these (e.g., developing / using malware, pivoting, escalating privileges, staying stealthy etc).
+ Good communication skills and ability to work with all stakeholders, internal and external, finding, advising on and implementing the best solutions.
+ Awareness of the MITRE ATT&CK framework and how it can be used to learn an adversary’s tactics and techniques and focus incident response.
+ Familiarity with cloud computing environments such as Microsoft Azure and AWS.
+ Familiarity with Security Operations Centers (SOC)
+ Experience exploiting vulnerabilities in at least two of the following areas:
  + Web applications
  + Cloud environments (Azure / GCP / AWS)
  + Linux and/or macOS workstations
  + Software supply chain
  + Mobile Applications
  + Network environments
+ Experience using scripting, automation, and APIs with languages such as PowerShell, YAML, JSON and Python is an advantage.
+ Experience using Security Information and Event Management (SIEM) and analysing log data sources.
+ Knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls.
+ Experience with common information security management frameworks, such as MITRE ATT&CK, International Organization for Standardization (ISO) 2700x and the ITIL, COBIT and National Institute of Standards and Technology (NIST) or Center for Internet Security (CIS) frameworks.

**AVEVA requires all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.**

**AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.**

**Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.**