Our Red Team Lead is responsible to lead a group a Red Team Operators through the design and execution of Red Team Campaigns and exercises. This lead will work on complex assignments including traditional Red Team Campaigns, Purple Team Engagements, Code and Tradecraft Development, Physical Security Assessments, Reporting/Documentation, and collaboration with a diverse group of teams.
The Red Team Lead conducts various security assessments in a variety of domains; Physical, Cyber, Social Engineering, Insider Threat, and Purple Teaming. Techniques and tradecraft used during engagements include commercial, open source, and custom tooling. Red Team Operators also provide insight to various teams about an attacker's mindset and potential threat during active or potential security incidents. Red Team Operators will take on a wide range of work that requires ingenuity and at times little to no documentation or formal method to learn a topic. Red Team Operators must be able to learn multiple ways to breach a target and subvert defensive controls. Close collaboration with Humana's Cyber Defense Teams and the ability to communicate well with Director and Vice President level and above is a must.
Experience with the commonly used attack frameworks (Cobalt Strike, Metasploit, CANVAS, Empire, Core Impact, etc.).
Strong scripting abilities using PowerShell, python, ruby, and/or programming with compiled languages (C/C++, Golang, etc.).
Experience managing infrastructure and services within Azure, AWS and GCP also preferred
Experience with Active Directory (and Azure AD), how to abuse it, how to protect it.
The ability to think like a defender (control evasion).
Experienced in setting up testing scenarios from an adversarial perspective or performing reconnaissance on a company in order to test cyber defense and detection.
Ability to create clean, cohesive reports showing impact to business and clear action items.
Experienced in exploiting application layer vulnerabilities and creating and/or customizing exploits Ability to create and/or customize exploits in order to penetrate a network.
Ability to exploit vulnerabilities in Linux, Windows, and embedded devices.
Strong familiarity with Mitre ATT&CK Framework
Typically requires Bachelor's degree or equivalent experience and 5 years or more of technical experience.
Any other Offense Oriented Certifications that are Practical (Not Multiple Choice)
Scheduled Weekly Hours