Job Description – Red Teaming/Security Assurance Analyst
Team: Cyber Resilience & Defence
Designation: Red Teaming/Security Assurance Analyst
Job Role: Specializing in Red Teaming Assessment, MITRE Framework, Cyber Threat Intelligence, Threat Hunting, and DFIR (Digital Forensics and Incident Response), you will play a pivotal role in enhancing our clients cyber defenses against cyber threats.
Experience: Minimum 3+ years of hands-on relevant experience crucial in identifying vulnerabilities, assessing security postures, and orchestrating simulated attacks to evaluate and fortify our clients resilience against cyber threats.
Job-Location: vCyberiz Sdn Bhd, Selangor, Malaysia
Shifts: The resource may need to work Flexible Hours to provide extended support & be available on call when required.
Essential Technical skills:
Solid experience in Red Teaming assessments, utilizing both offensive and defensive cyber techniques.
Proficiency with the MITRE ATT&CK framework and its application in cyber defense strategies.
Strong understanding of Cyber Threat Intelligence sources, methods, and analysis.
Proven capability in threat-hunting methodologies and tools.
Hands-on experience in Digital Forensics and Incident Response (DFIR) investigations.
Design and Development of Techniques and Tactics:
- Physical Social Engineering Attacks: Conducting covert operations that involve manipulating individuals to gain physical access to secure areas or sensitive information, including tactics such as tailgating, pretexting, and impersonation.
- Rapid Payload Prototyping: Developing and deploying customized malware and exploits quickly to simulate real-world attack scenarios, enabling the testing and improvement of an organization's defensive measures.
- Effective Scenario Development Based on Use Cases: Crafting realistic and relevant attack scenarios that are tailored to an organization's specific environment and threat landscape, ensuring that the Red Teaming exercises are impactful and aligned with real-world threats.
Excellent analytical and problem-solving skills, with the ability to think strategically and act tactically in high-pressure situations.
Effective communication skills, with the ability to convey complex technical information to non-technical stakeholders.
Relevant certifications (e.g., OSCP, CISSP, GIAC) are advantageous.
Non-Technical Skills –
Clear and concise communication of technical information to non-technical stakeholders, fostering understanding and informed decision-making.
Analytical ability to identify root causes of cyber issues, assess risks, and propose practical solutions in dynamic environments.
Proven capability to work effectively in cross-functional teams, leveraging diverse perspectives to achieve cybersecurity objectives.
Efficient prioritization and task management to meet deadlines in high-pressure situations, ensuring timely response to cyber incidents.
Readiness to adapt to evolving cybersecurity threats and technologies, with a commitment to continuous learning and professional development.
