Jobs

Job Details

Location

Belfast, Northern Ireland

Closing Date

2020-01-24 00:00:00

Share

Red Team Leader

  • Job Summary

    Aflac relies on their Red Team to find a myriad of vulnerabilities across network, application, mobile, cloud, wireless and other assessments. Working as part of the Aflac Northern Ireland Cyber Security Team and within Aflac Global Security, you will plan, manage and execute Red Team operations. You will help direct the threat hunt strategy and activities supported by a team of highly skilled professionals.

    We are looking for someone who is comfortable in both a leadership and practitioner capacity; allowing you to get hands on with testing but also ensuring the team has clear direction, has the tools they need and are enabled to perform. We are working hard on building one of Belfast’s most adaptable, talented and diverse line-up of people and we only want to work with the best. Helping to put Aflac Northern Ireland on the map by playing a key role in shaping our first cyber security team here in Belfast, allowing us to demonstrate our capabilities.

    Principal Duties & Responsibilities

    • Work directly with the Senior Manager of Vulnerability Management to develop and oversee the execution of the team’s penetration testing and threat hunting strategy.
    • Maintain responsibility for executing tests, reporting findings, creating and configuring tools, and maintaining testing platforms.
    • Perform automated and manual hands-on Cyber penetration security testing, including identifying security risks within applications, security controls, and network infrastructure.
    • Ensure the team constantly ramps up and understands new designs, systems, and technology, with a particular emphasis on knowledge of Aflac’s external points of presentence and risks associated with them.
    • Lead comprehensive assessments of features and large-scale applications and environments, including mapping out the surface area and assessing prioritization based on time, resource, and general importance tradeoffs.
    • Lead targeted operations (planning, scoping, approval, reconnaissance & discovery, execution of attacks, pivoting, persistence, and remediation)
    • Work directly with the business and project teams to understand their roadmaps so that new points of presence and technologies are accounted for and tested as they are deployed to production.
    • Brief management and technical resources on new exploits, internally discovered vulnerabilities and likely attacker tactics against all Aflac environments.
    • Communicate with information technology and development teams on integrations and automation for penetration testing tools
    • Research emerging technologies and attack vectors.

    Skills & Experience

    Essential

    • Bachelor’s degree in computer related discipline and/or 5+ of experience in penetration testing or related information security fields
    • Advanced knowledge of evasion strategies for multiple security technologies (IDS/IPS, WAF, AV, etc.)
    • Proven experience in penetration testing methodologies and toolsets
    • Advanced knowledge of automated penetration testing tools and integrations
    • Able to maintain own tools and testing infrastructure for assessing a range of environments
    • Ability to clearly convey threat hunt results in formal technical reports and deliver briefings to all stakeholders
    • Strong technical leadership and interpersonal skills

    Desirable

    • Penetration testing certifications like (GPEN, GXPN, OSCP, OSCE, CEH, CREST etc.)
    • Experience with programming using one or more of the following: Perl, Python, ruby, bash, C or C++, C#, or Java, including scripting and editing existing code
    • Advanced knowledge of penetration testing processes in cloud environments
    • 4+ years of demonstrable experience with executing Web application, network, and system penetration tests
    • Experience with leveraging Open Source penetration testing tools, including Metasploit and the Kali Linux tool set
    • Knowledge of open security testing standards and projects, including OWASP
    • Proven ability to assist remediation efforts for discovered vulnerabilities
    • Experience mentoring / coaching junior team members
    • Experience setting up and presenting demo events to technical audiences

    Aflac Northern Ireland is an equal opportunities employer