Jobs · Management · California

XFR Red Team Operator

IBM · San Jose, CA · 1 wk ago
HybridManagementFull-time

The Role

The Red Team Operator will be part of the X-Force Red Offensive Security team. You will plan and execute remote operations dynamically emulating advanced threat actors to improve the detection and response capabilities of clients through long-term engagements.

There is a potential for up to 25% travel, including international travel.

Core Responsibilities

  • Manage full adversary simulation engagements from conception to report delivery
  • Communicate effectively with team members and clients during the engagement
  • Keep current with the latest offensive security techniques
  • Perform adversary simulation of real-world adversary Tactics, Techniques, and Procedures (TTPs) by leveraging frameworks such as MITRE ATT&CK™ and other sources of information
  • Develop payloads, scripts and tools that weaponize new concepts for exploitation, evasion, and lateral movement
  • Engage in an active evasion of defenders to avoid detection and progress engagements
  • Cook up with other Red Team operators to achieve the specified goals
  • Deliver reporting and debriefs to defenders in manner that improves detection and response capabilities
  • Perform/present technical security research

Required Technical And Professional Expertise

  • 3+ years of red teaming experience in a dedicated red team role
  • 5+ years of system administration, network administration, or programming experience
  • Ability to develop/modify exploits and payloads to avoid defensive countermeasures
  • Understanding of real-world adversary operations methodologies, tactics, techniques, and procedures. In particular, the ability to apply frameworks (eg. MITRE ATT&CK™) in client engagements
  • Demonstrated history of published exploitation research
  • Strong analytical and problem-solving skills
  • Good interpersonal, organizational, communications, and time management skills
  • Experience coordinating security testing projects with multiple consultants
  • Effective English writing skills

Desired Qualifications

  • History of presenting at security conferences
  • Track record in vulnerability research and CVE assignments
  • Knowledge of Windows APIs
  • Knowledge of EDR detection capabilities such as Carbon Black/Crowdstrike, etc. and associated evasion techniques for behavioral based alerting
  • Demonstrated exploit, payload, or attack framework development experience
  • Expert level skills in one of the following: Active Directory, Software Development, or Cloud Infrastructure
  • Relevant certifications from organizations like Offensive Security (OSCP/OSCE), SANS (GPEN, GXPN, GWAPT), or CREST CSAT/CSAM or demonstrable equivalent skills
  • Prior security consulting experience

Similar jobs