- Cybersecurity Engineering
- Dubai
Red Team Engineer (OffSec Engineer)
01/ Job Description
Red Team Engineer (OffSec Engineer)Position Overview:
We are seeking a skilled Red Team Engineer to join our growing cybersecurity team. As a Red Team Engineer, you will play a critical role in proactively identifying and exploiting weaknesses in our clients' systems. You will leverage your expertise to perform a variety of security tests and assessments, helping us deliver robust security solutions to our clients.
Responsibilities:
Penetration Testing & Vulnerability Assessments:
- Conduct comprehensive network penetration testing and web application security assessments for a diverse range of clients across various industries.
- Employ advanced techniques to identify, analyze, and exploit vulnerabilities in systems, mimicking real-world attacker behavior.
- Develop custom scripts and tools to automate vulnerability discovery and exploitation.
Security Engagement & Reporting:
- Collaborate with the team to design and execute effective security assessments and engagements.
- Analyze results, propose solutions to security issues, and recommend long-term security controls for clients.
- Craft comprehensive reports documenting assessment findings and recommendations, catering to both technical and non-technical audiences.
- Deliver clear and concise presentations on security risks and solutions to technical and non-technical stakeholders, including executives.
Threat Intelligence & Improvement:
- Continuously improve testing processes and methodologies, staying ahead of evolving threats.
- Stay updated on the latest security threats and techniques.
- Conduct market research to identify potential customers and understand their security needs.
- Highlight how your offensive security expertise solves specific problems and meets the needs of target clients.
- Hands-on experience with integrating SIEM and log analysis solutions (Splunk, IBM QRadar).
- Proficient in configuring EDR, NDR, and XDR solutions.
- Experience with monitoring and assessing access logs and IAM solutions.
- Experience with incident response and threat hunting using frameworks like MITRE ATT&CK.
-
Required Skills and Qualifications
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or a related field with 5+ years of experience in offensive security.
- Extensive experience in penetration testing, vulnerability assessment, and exploit development.
- In-depth knowledge of security concepts, protocols, and penetration testing tools (e.g., Metasploit, Burp Suite, Wireshark).
- Solid understanding of web application security principles and common web vulnerabilities (e.g., OWASP TOP 10).
- Proficient in scripting languages (Python, Bash) for automating security testing tasks and programming languages (C, C++) for developing custom tools.
-
Preferred Skills and Qualifications
- Excellent communication and presentation skills to effectively convey complex technical information to both technical and non-technical audiences.
- Strong analytical and problem-solving skills to identify, analyze, and exploit vulnerabilities.
- Passion for staying current with the latest security threats and advancements in offensive security techniques.
- One or more of the following security certifications required: OSCP, OSCE, OSWE, CRTP, CISSP.