We are looking for an experienced Red Team Consultant to join our client Cybersecurity team. You will lead offensive security operations, simulate real-world cyber-attacks, assess security weaknesses, and help clients strengthen their security defenses.
Key Responsibilities:
- Plan and execute full-scope Red Team operations simulating real-world attacks (phishing, social engineering, lateral movement, AD exploitation).
- Lead penetration tests across web, mobile, network, IoT, and infrastructure.
- Perform Active Directory (AD) assessments and exploit misconfigurations to achieve domain dominance.
- Gather open-source intelligence (OSINT) from surface, deep, and dark web sources.
- Use tools such as Mimikatz, Impacket, BloodHound, and CrackMapExec for post-exploitation activities.
- Collaborate with SOC and Blue Teams on Purple Teaming initiatives.
- Create and present detailed technical reports and recommendations.
- Design phishing campaigns, red team playbooks, and engagement strategies.
- Collaborate with clients on scope drafting (SOWs, RFPs) and ensure vulnerability tracking using tools like JIRA.
- Conduct internal VAPT for non-regulatory projects and lead awareness sessions when needed.
Qualifications & Skills:
- Experience: 6+ years in Information Security focusing on Red Teaming and Penetration Testing.
- Certifications (Preferred): OSCP, CRTP, CISEH.
- Technical Skills:
- Red Team & Exploitation Tools: Mimikatz, Impacket, BloodHound, CrackMapExec
- Web/Mobile VAPT: OWASP Top 10, Business Logic Testing
- Scripting: Python, PowerShell, Bash, PHP, JavaScript
- Networking: TCP/IP, DNS, DHCP, VPNs, LAN/WAN, Firewalls
- Operating Systems: Kali Linux, Windows, Ubuntu, macOS
- Tools: Burp Suite, Nessus, Metasploit, NMAP, Wireshark, Checkmarx, SQLmap
