Job Description
Key Responsibilities
- Lead and execute complex red team engagements to simulate real-world cyber-attacks on the organization's infrastructure, applications, and data.
- Develop and implement methodologies for comprehensive penetration testing, identifying vulnerabilities and weaknesses in security controls.
- Collaborate with blue teams to validate the effectiveness of defensive measures and improve detection and response capabilities.
- Lead purple team exercises to integrate red and blue team activities, enhancing overall security effectiveness.
- Utilize threat intelligence to inform red team activities, ensuring simulations reflect current and emerging threat landscapes.
- Lead attack path mapping for threat modeling to identify, assess, and prioritize potential cyber threats and vulnerabilities.
- Produce detailed reports and presentations that articulate findings, vulnerabilities, and potential impacts to technical and non-technical stakeholders.
- Recommend actionable remediation strategies to mitigate identified vulnerabilities and improve overall security posture.
- Document red team methodologies, tools, and processes for knowledge sharing and continuous improvement.
- Mentor and train junior red team members, fostering a culture of continuous learning and professional development.
Qualifications
Education and Experience
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum of 5 years of experience in cybersecurity and red team roles.
- Proven track record of leading and executing complex red team engagements.
Technical Skills
- Deep understanding of network protocols, operating systems, and security architectures.
- Proficiency in penetration testing tools and frameworks such as Metasploit, Burp Suite, and Cobalt Strike.
- Experience with scripting and programming languages such as Python, PowerShell, and Bash.
- Knowledge of threat modeling, vulnerability assessment, and risk management practices.
Certifications
- Relevant industry certifications such as OSCP, OSCE, OSEP, CISSP, or GPEN.
- Continuous professional development through participation in cybersecurity training and conferences.
*A job posting is effective until 11:59:59 PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.