About the Role

We are looking for a Senior Red Team Analyst/Red Team Specialist to lead advanced red teaming and adversary simulation activities. This role focuses on executing real-world attack scenarios, helping assess and strengthen the organizations detection, response, and resilience against modern cyber threats.

Responsibilities :

- Execute advanced based Red Team engagements simulating real-world attackers / Advanced Persistent Threats (APTs)

- Perform objective-driven zero-knowledge assessments or / and assume breach attack scenarios

- Perform offensive security testing on enterprise environments including Active Directory, cloud platforms, endpoints, and SaaS applications

- Develop, customize and manage Red Team infrastructure and toolset

- Execute stealth / opsec safe toolset, defense evasion techniques / payloads, and employ command-and-control (C2) frameworks / tools during the engagement

- Map red team activities to MITRE ATT&CK TTPs and threat intelligence

- Deliver clear, actionable reports for technical and executive audiences

- Collaborate with Blue teams to improve detection and response capabilities within the client organization

- Mentor and guide junior offensive security / red team members

Experience :

- 6-8 years of experience in Red Teaming, offensive security, cloud penetration testing, or other advanced penetration testing exercises

- Strong hands-on experience in performing network penetration testing, carrying out social engineering assessments, wireless security assessments, application penetration testing, active directory penetration testing, physical security assessments

- Extensive experience with security assessment tools, such as Nmap, Nessus, Metasploit, Burp Suite Pro, Cobalt Strike, Empire, Impacket or similar tools / utilities

- Familiarity with Automated Red Team tools such as Metasploit, FireCompass, Pentera Surface, Cycognito.

- Experience working with or attacking cloud environments (Azure/AWS)

- Proficiency with at least one scripting language (Python, Perl, Ruby)

- Development/modification of exploits, shellcode and associated tooling.

- Exposure to Red Team, Purple Team, or adversary emulation exercises

- Strong communication and stakeholder engagement skills

- Cloud penetration testing or red teaming experience would be an added advantage

Certifications :

- Holding any of the certifications mentioned below would be beneficial.

- GIAC Penetration Tester (GPEN)

- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)

- Certified Red Team Professional (CRTP)

- Certified Red Team Expert (CRTE)

- Offensive Security Certified Professional (OSCP)

- Offensive Security Certified Expert (OSCE)

- CREST Penetration Testing