Red Team Analyst
London (Greater London) Infra / Networks / Telecom
Job description
Job Details
Role Sector: IT
Hours Per Week: 35
Salary Range: £ Flexible depending on experience
Additional Benefits: Bonus potential, generous annual leave entitlement, competitive pension and flexible benefit options
Role Description
We are currently recruiting for a new and exciting opportunity as a Red Team Analyst within our Chief Information Security Office (CISO). You would lead on the Cyber Security Red Team capability within CISO, to proactively identify and ultimately prevent/manage information security threats, vulnerabilities and incidents globally, across all Aviva markets and locations.
This is a key role in meeting and maintaining statutory, financial, regulatory and corporate governance compliance obligations with respect to information security.
Key Relationships
Internal:
· CISO functions in the UK and security teams in all locations
· IT security teams and key IT SMEs globally.
· Technology operational teams in all Aviva locations
· Business and Risk areas as required
· Other members of staff as required
· Business and Risk areas as required
External:
· Technology Service Providers
· Security Vendors
· Regulators as required
· Government agencies as required
The Person
Business & Financial Acumen:
· Planning & Priority Setting
· Global Perspective
· Innovation
· Effective Relationships
· Communication
· Execution
· Customer Focus
· Risk Awareness
· Change Effectiveness
· Strategic Thinking & Planning
Duties & Responsibilities
· Provide operational network exploitation and cyber threat emulation testing towards LAN and WAN systems and components.
· Assist in the creation and maintain the body of documentation that describes Red Team's formal testing methodology.
· Assist in the development and refinement of methodologies to successfully conduct Red Team operations.
· Develop plans to successfully conduct Cyber exploitations, penetration testing, cyber threat emulation and Red Team operations.
· Develop and submit detailed reports of finding, analysis and recommendations.
· Research existing exploit code and/or develop proof-of-concept or exploit code for test and evaluation of mitigation actions.
· Identify potential network, system and physical security vulnerabilities and misconfigurations through the use of and expert employment of all available tooling and social engineering techniques.
· Plan, prioritise and conduct cost analysis for future technical services and tooling to deliver the global security strategy and roadmap.
· Assist in security incident scenarios. Support security recovery events, under pressure, with technology staff (and sometimes vendors) until services are recovered and secure.
· Ensure that potential threats are identified and addressed expediently.
· Ensure technical security risks are raised and managed in the risk portfolio.
· Mentor and coach more junior colleagues and provide support to peers within CISO and TSS.
· Contribute strategic technical input into the CISO management team.
Skills & Experience required
• Certified Red Team Member
• GIAC Web Penetration Tester
• GIAC Exploit Researcher and Advanced Penetration Tester
• CREST or CHECK qualification
• In depth knowledge of enterprise architectures and operations
• Detailed and up-to-date knowledge of threat and vulnerability management techniques and tools
• Strong knowledge of firewalls, intrusion detection systems and a wide range of security tools
• Knowledge of malware packing and obfuscation techniques
• Ability to automate tasks using a scripting language (Python, Perl, Ruby, etc)
• Familiarity with common reconnaissance, exploitation, and post exploitation frameworks
• Strong knowledge of networking protocols and packet analysis
• Must have the ability to perform targeted penetration tests without use of automated tools
• Well versed in multiple security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP amongst others
• Ability to deliver under extreme pressure in a multi-national organisation
• Able to work collaboratively and effectively with teams across multiple IT disciplines
• A good understanding of risk management principles and practices
• Direct and demonstrable experience in a similar, global role in the insurance or financial services sector
• Information Security experience
• Experience performing network penetration testing
• Experience performing application security assessments
• Experience with Cyber Red Team operations
• Experience performing network exploitation operations
• Experience engaging with all levels of management and communicating complex technical issues to a range of audiences.
Additional Information
We prefer all applications to be submitted online, however if you require an alternative method of applying please contact Nikita Hathlia in the Resourcing team on 07885823561.