This job ad has been posted over 30 days ago...



Senior Red Team Analyst Full-time

at Mckinsey & Company in Gurgaon (Published at 09-07-2019)

Who You’ll Work With
The cyber red team is a small, agile, dynamic team that provides adversary replication assessments to determine the effectiveness of the current security posture of the network. The team will be based out of Gurgaon, India and work closely with the Information Security Operations Centre (iSOC) teams including Cyber Intel, Incident Response, Security Operations, Vulnerability Management, and Penetration testing teams.

What You’ll Do
You will research, develop, and execute advanced adversary replication attacks to evaluate and improve cyber defences.
Your primary role will be to lead the technical aspects of adversary assessments. Using intelligence about real world cyber threats you will develop attack methodologies that mirror advanced cyber threat tactics. You will use these tactics to evaluate the effectiveness of in-place cyber defences and provide feedback and training to network defenders to improve the overall security posture of the network.
As a senior analyst you will be expected to work with junior analysts to help them improve their skillsets to better enable them to provide high level adversary effects. You will provide information to the team lead to enable them to produce reports highlighting assessment results and present out briefs and training as needed.
You must have a deep passion for security and be an innovative thinker constantly working to improve you own skillset the match the ever-evolving adversary capabilities. You must be able to apply this knowledge in new and creative ways to provide a robust adversary experience for the network defenders to train against.

Bachelor’s degree required or equivalent experience
3-5 years experience performing network penetration testing
3-5 years experience performing application security assessments
2 -5 years experience with Cyber Red Team operations
Relevant certification such as OSCP, OSCE, GXPN, etc. (nice to have).
Strong knowledge of networking fundamentals (all OSI layers)
Strong knowledge of the Windows and *NIX operating systems and command line tools
Strong knowledge of software exploitation on modern operating systems
Knowledge of cloud technologies and cloud hosting (nice to have)
Ability to automate tasks using scripting languages (Python, Perl, Ruby, etc.)
Ability to develop advanced tools using coding languages such as, Python, C#, C++, etc. (nice to have)
Knowledge of malware packing and obfuscation techniques (nice to have)
Experience with Netflow or PCAP analysis (nice to have)
Must have the ability to perform targeted penetration tests without use of automated tools
Strong oral and written communication skills as related to delivering threat and finding reports
Ability to work independently
Strong team work and collaboration skills

Viewed: 779 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend