Red Team and Penetration Testing Specialist

Job Description

About the job position:

Do you have an "attacker mindset" in the world of cyber security? If you are interested in simulating complex attacks and identifying security vulnerabilities, don't miss the opportunity to work in our advanced team.
In this position, you will be responsible for the design and execution of penetration tests and advanced attacks that examine the security of the organization's critical infrastructure. The main goal is to identify and improve security weaknesses by simulating real threats.

Duties and Responsibilities:

-Simulation of complex threats: designing and implementing simulated attack scenarios in order to assess the organization's weaknesses against real-world threats.
Penetration Testing and Vulnerability Assessment: Conducting detailed penetration tests on systems and web applications to discover potential vulnerabilities and threats.
- Working with specialized tools: using advanced security tools such as cobalt strike, burp suite, nmap, metasploit and other modern tools to simulate attacks.
Vulnerability analysis and fix: identify and exploit vulnerabilities in a controlled manner and provide detailed solutions to fix them.
- Cooperation with defense teams (blue team): close cooperation with internal security teams to improve defense methods and improve the security of organizational infrastructure.

Necessary skills and requirements:

Familiarity with attack methods and standard models: mastery of red team concepts and methodologies such as miter att&ck, cyber kill chain and attack simulation methods.
- Mastery of security and penetration testing tools: hands-on experience with tools such as burp suite, metasploit, cobalt strike, nmap and wireshark to perform attack simulations and security assessments.
Familiarity with Active Directory: the ability to test and evaluate the security of Microsoft Active Directory services and advanced techniques to infiltrate systems and increase access.
Advanced Penetration Ability: Experience in lateral movement, increased scoring and passing defense systems such as edr/av.
- Script writing: skill in writing custom scripts with one of Python, PowerShell, JavaScript or bash languages.
Familiarity with web vulnerabilities: In-depth knowledge of common vulnerabilities in web applications and the ability to test them based on owasp standards.
- Skill in social engineering: experience in designing and implementing phishing attacks and persuasion campaigns (social engineering).

Personal characteristics:

-Critical and creative thinking: the ability to see issues from different angles and solve complex problems in an innovative way.
- English language: the possibility of using specialized resources and documents in English.
- Adherence to continuous learning: interested in learning and updating skills in the field of cyber security.

Why do you cooperate with us?

If you're ready to join our advanced cybersecurity team and tackle real-world cyber threats, we look forward to working with you. We are looking for people who are not only interested in the world of cyber security, but also have the ability to face complex challenges.