As a Senior Cyber Red Team Engineer at Equifax, you'll be at the forefront of our global defense strategy, emulating real-world threats and challenging our security measures. You'll have the autonomy to design and execute complex Red & Purple Team operations that will directly enhance our resilience against evolving cyber threats.

This is an opportunity to make a tangible impact, working alongside top-tier cybersecurity talent and influencing the protection of millions. If you're a highly motivated individual with a proven track record in offensive security and a desire to shape the future of cybersecurity, we want to hear from you.

What you’ll do:

Lead the design and execution of realistic Red & Purple Team operations with the aim of identifying vulnerabilities and strengthening our defenses.Help shape security standards by collaborating on the development, implementation, and testing of Equifax's security controls.Stay ahead of the threat landscape by partnering with Threat Intelligence and other Cybersecurity teams to research, analyze, and investigate emerging threats.Elevate our cyber readiness by creating and leading comprehensive simulation programs to enhance our Cybersecurity detection, response, and investigation capabilities.Foster collaboration by building strong relationships with Security and IT leaders across business units, promoting a culture of shared responsibility for cybersecurity.Drive continuous improvement by delivering detailed reports and insights to management, audit, and stakeholders, ensuring identified risks are prioritized and addressed.Act as a trusted advisor, providing expert support to Audit and external clients, showcasing your deep knowledge and commitment to security excellence.Manage external expertise by planning, coordinating, and overseeing third-party, threat-based assessments, ensuring they align with our strategic objectives.

What experience you need:

Required bachelor's degree in Computer Science, Information Technology, Cyber Security and Information Assurance or related fieldMinimum of 5 years of experience performing in Cyber Security related rolesMinimum of 2 years experience with command and control frameworks such as Cobalt Strike and Silver.2+  years of experience in Cloud based platform environments (Preferably Google or AWS).2+ years of experience implementing command and control framework customizations.2+ years of experience in basic networking fundamentals, e.g., IP, TCP, UDP2+ years of experience with one of the following scripting languages: Python, Perl, Ruby2+ years of experience reviewing source code for security flaws2+ years of experience in development/modification of exploits, shellcode and associated toolingEnglish language proficiency B2+ minimum (Emmersion Test)

What could set you apart:

Industry certifications: Certified Ethical Hacker (CEH) certification, GPEN (GIAC Penetration Tester), OSWE (Offensive Security Web Expert), Certified Red Team Operator, or Offensive Security Certified Professional (OSCP) preferred.Portfolio of software development projects, research, or documentation of implementing lab environments relating to information securityExperience automating cloud technologies via API callUnderstanding of MITRE ATT&CK frameworkUnderstands  *NIX and Windows operating system functionality.Will be an enthusiast, “all things Cyber”, who attends trainings, conferences, home labs, etc.
 

Primary Location:

CRI-Sabana

Function:

Function - Security Governance and Compliance

Schedule:

Full time