Position: Blue Team Security Researcher
Job Type: Full-time
Location: Remote / On-site
About the Role:
We are seeking a highly skilled and motivated Blue Team Security Researcher to join our team. The ideal candidate will have a strong background in defensive security (Blue Team) and experience developing hands-on labs and real-world defensive scenarios. You will be responsible for researching the latest cybersecurity threats, building training environments, and collaborating to develop a platform aimed at assessing and hiring blue team candidates. If you are passionate about cybersecurity and have a knack for creating engaging educational content, we want to hear from you!
Key Responsibilities:
Lab Development:
- Design and develop blue team-focused labs and training environments that simulate real-world attack and defense scenarios.
- Create challenges and environments based on current attack trends and defensive techniques (using frameworks like MITRE ATT&CK).
- Ensure that the labs are realistic, hands-on, and aligned with industry best practices for defensive security.
Platform Collaboration:
- Work closely with the development team to create an engaging, user-friendly platform for assessing blue team candidates.
- Design technical assessments, scoring mechanisms, and scenario-based challenges to evaluate candidates’ skills.
- Ensure that the platform’s content evolves with emerging threats and defensive strategies.
Research and Threat Intelligence:
- Conduct research on the latest cybersecurity threats, vulnerabilities, and defense techniques.
- Continuously analyze adversaries' tools and their tactics, techniques, and procedures (TTPs), and incorporate these findings into the training labs.
Content Creation:
- Develop educational materials such as guides, videos, and write-ups that explain various defensive techniques.
- Create and deliver blue team-oriented content that trains security professionals at various skill levels (SOC analyst tiers L1-L3).
Blue Team Simulation and Detection:
- Design, implement, and test security solutions and simulations using various security tools (SIEM, IDS/IPS, firewalls, endpoint protection, etc.).
- Build defensive scenarios that allow users to perform threat hunting, incident detection, and mitigation tasks in realistic environments.
Candidate Assessments:
- Develop and oversee assessments for potential blue team candidates based on the labs and scenarios you create.
- Evaluate the results of these assessments and provide input on candidates’ skill levels.
Requirements:
Blue Team Expertise:
- Strong knowledge of defensive security principles, including incident detection, response, threat hunting, and mitigation.
- In-depth understanding of cybersecurity frameworks such as MITRE ATT&CK, the NIST Cybersecurity Framework, or similar.
Experience with Security Tools:
- Proficiency with security tools such as SIEM platforms (e.g., Splunk, ELK), IDS/IPS, firewalls, EDR solutions, and other network monitoring tools.
- Experience setting up and tuning these tools in a lab environment is essential.
Lab/Training Environment Development:
- Proven experience developing cybersecurity labs, CTF challenges, or technical training environments.
- Familiarity with virtualized environments (e.g., VirtualBox, VMware, Docker, or cloud platforms like AWS/Azure).
Research and Analysis:
- Ability to conduct research on current cybersecurity threats, analyze adversary behavior, and incorporate findings into training environments.
- Knowledge of threat intelligence platforms and how to leverage them for defensive research.
Content Creation Skills:
- Strong written and verbal communication skills, with the ability to create educational content such as videos, guides, and challenges.
- Demonstrated experience explaining technical topics to non-technical audiences is a plus.
Certifications (Preferred but not required):
- Industry certifications such as GCIA, GCIH, CISSP, OSCP, CEH, or similar security qualifications; defensive (detection and incident handling) certifications such as GCIA and GCIH are the most relevant to this role.
Platform Development Collaboration:
- Experience or a strong interest in collaborating with developers to build platforms focused on blue team assessments and labs.
- Familiarity with Learning Management Systems (LMS) or online CTF platforms is a bonus.
Nice to Have:
- Hands-on experience with scripting or automation for defensive tasks (e.g., Python, Bash, PowerShell).
- Participation in blue team CTF competitions or experience as a CTF challenge creator.
- Knowledge of cloud security and defending cloud environments (AWS, Azure, GCP).
What We Offer:
- Flexible Work Environment: Work remotely or from one of our office locations.
- Impactful Work: Play a key role in creating a platform that shapes the future of blue team talent.
- Professional Growth: Opportunities for training, certifications, and attending industry events.
- Competitive Compensation: A salary that matches your expertise, plus benefits.