Offensive Security Lead-HybridEstablished in 2013 and now based in Blackrock, the Dublin Technology Centre delivers best in industry infrastructure and security services across the Zurich Insurance Group. Whether it's with one of our core capabilities such as Cyber Security, or working with our Cloud or Crowdsourcing teams, our customers are our priority. We work hard to deliver our services excellently with our unique talent. We are committed to working with the best and brightest people from the broadest talent pool possible. We believe a diversity of ideas fosters innovation and engagement, allows us to attract the best people, and to develop the best products, services and solutions. Qualified individuals from all walks of life are encouraged to apply.
Zurich Dublin Technology Center is looking for an Offensive Security Lead to join the existing internal Red Team which emulates real-world attacks by conducting targeted operations that emulate the tools, tactics, and procedures (TTPs) of threat actors. Lead research with the goal of developing new TTPs improving attack efficacy and assist with defensive efforts. Partner with other teams in the Cyber Fusion Center (CFC) to develop tooling and instrumentation to improve our detection and response capabilities. The Red Team also interacts with our Incident Responses teams in Purple Team exercises to expand detection capabilities.
Your RoleAs an Offensive Security Lead your main responsibilities will include, but not necessarily be limited to, the following:
Conduct and/or support authorized adversarial emulations on enterprise network assets.Create reports and recommendations from findings, include issues uncovered and levels of risk.Collaborate with other internal and external partner organizations on target access and operational issues.Create comprehensive exploitation strategies that identify exploitable technical or operational vulnerabilities.Your Skills & ExperienceAs an Offensive Security Lead your skills and qualifications will include:
3-5 Years planning, leading, or conducting Red Team operationsExpertise with commodity and advanced threat actor TTPs.Capacity to relate findings of offensive engagements to both executive and technical audiences.Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.Knowledge of evasion strategies and techniques (A/V, WAF, NGAV, EDR, etc.).Develops, creates, maintains, and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs.Experience with red teaming and covert computer exploitation.Experience with malware development.Experience building, deploying, and managing offensive security operational infrastructure.Knowledge of Unix/Linux and Windows operating systems structures and internals (e.g., process management, directory structure, installed applications).Experience with leveraging open source penetration testing tools including Metasploit or the Kali Linux tool set.Experience working in a Purple Team environment testing and building detections.Experience with common command and control and post-exploitation frameworks (Cobalt Strike, Mythic, Covenant, Metasploit, etc.).Conducted Open source intelligence gathering and social engineering.Ability to work independently, as well as within a global group of contributors.Demonstrated ability to learn and apply critical thinking to a variety of situations.One or more of the following certifications: OSCP, OSEP, OSCE, OSWE, GPEN, GXPN and/or CRTO.Additional InformationPrimary work location is Blackrock based but occasional travel may be required to other Zurich locations.
If you value an exciting and varied working environment and meet the above requirements, then our recruiter is looking forward to receiving your application by clicking on the button "Apply online".
#J-18808-Ljbffr
