Red Team Member
Permanent
Location: Ahmedabad
Department: Cybersecurity / Offensive Security
Employment Type: Full-Time
Job Summary:
We are seeking an experienced and highly skilled Red Team Member to join our cybersecurity team. The ideal candidate will bring a minimum of 5 years of hands-on experience in penetration testing and offensive security operations. This role involves emulating advanced persistent threats (APTs), identifying weaknesses in enterprise environments, and helping organizations improve their security posture. Candidates must hold relevant industry certifications such as OSCP, OSCE, CRTP, OSEP, or equivalent.
Key Responsibilities:
- Plan, execute, and report on Red Team engagements simulating real-world attack scenarios (including physical, network, social engineering, and application-based attacks).
- Perform advanced penetration testing on internal and external networks, applications, and cloud infrastructures.
- Develop and utilize custom tools, scripts, and exploits to simulate threat actor tactics, techniques, and procedures (TTPs).
- Work closely with Blue Teams to improve detection capabilities and validate security controls.
- Participate in threat modeling, risk assessments, and adversary emulation exercises.
- Produce clear and actionable reports detailing findings, exploitation paths, and remediation guidance.
- Stay updated on the latest vulnerabilities, exploits, and attack vectors.
- Contribute to the continuous improvement of Red Team methodologies, playbooks, and tooling.
Required Qualifications:
- Minimum 5 years of professional experience in penetration testing, ethical hacking, or offensive security roles.
- Proven experience in Red Team operations or advanced adversary simulations.
- Strong understanding of the MITRE ATT&CK framework, threat emulation, and TTPs of modern threat actors.
- Solid knowledge of networking protocols, Windows/Linux systems, Active Directory, cloud platforms (AWS, Azure, GCP), and common security controls.
- Proficient in scripting/programming languages such as Python, PowerShell, Bash, or similar.
- Certifications:
  - Required: OSCP, OSCE, OSEP, CRTP, CRTO, GXPN, or similar advanced offensive security certifications.
Preferred Skills:
- Experience with C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic).
- Familiarity with EDR evasion techniques and OPSEC-safe offensive operations.
- Experience in purple team collaboration and working with detection engineering teams.
- Knowledge of social engineering and phishing techniques.
- Ability to communicate technical findings to both technical and non-technical stakeholders.