Principal Security Consultant - Red Team Lead

About Nettitude

Nettitude is an LRQA Company. We’ve been around since 2003 and our focus has always been on excellence in cyber security. We have teams that offer world class services in red teaming, penetration testing, threat intelligence, research and development, detection and response, governance, risk, and compliance, and plenty more. Our business is global and so are our clients. We work closely with central banks, central and local government, critical national infrastructure, large retailers, and plenty more besides! #LI-Nettitude

We’re an award winning provider of cyber security services and we’re are at a very exciting stage of development. We are looking for the right people to join us as we embrace the challenges thrown up by the advancements within the IT industry and within the threats faced. Nettitude will be at the forefront of this arena and we want to seek the right people to join the team and make it happen.

You can find out more about us at www.nettitude.com. If you want to review our research and tooling, then head on over to https://labs.nettitude.com

Location

This role is remote. We can support working from across the UK. All applicants will require residence in the UK.

The role

We’re looking for experienced Red Team operators to come and join our dedicated Red Team, capable of delivering top tier work in mature environments and against common regulated frameworks (CBEST, GBEST, GCASE, TBEST, TIBER-EU, C-RAF iCAST, AASE, TIBER-FI, CORIE, FEER, I-CRT).

 The attributes possessed by successful candidates include:

• Strong knowledge of the cyber kill chain and common tactics, techniques and procedures often employed by a variety of threat actors.
• A thirst for research and being at the cutting edge of the industry.
• A good understanding of how a typical blue team operates.
• You will be enthusiastic and able to work well within a high performing team as well as perform to a high standard autonomously.
• You will have an in depth understanding of risk.
• The ability to write and deliver high quality reports.
• The ability to perform under pressure, simulating highly technical tactics, while executing in heavily monitored environments.
• A willingness to occasionally work unsociable working hours – attackers don’t just work 9-5 and sometimes we need to replicate that.

What you’ll be doing in your role:

Having an absolute blast, working in teams to hack and break in to leading financial organisations, carry out specific objectives and then help those same customers to:

• Plan and execute complex Red and Purple team engagements, simulating various threat groups sophistication and attack techniques.
• Build custom tooling, research attack techniques, overcoming complex technical challenges and contributing to Nettitude’s Red Team capability.
• Maintain a good working knowledge of Blue team tactics/capabilities, specific to people, processes and technologies.
• Maintain a good working knowledge of threat actors and their Tactics, Techniques and Procedures (TTP’s). 
• Support and deliver Nettitude’s Detection and Response Assessments (DRA).
• Create and assist in quality assurance of key documents such as test plans and reports.
• Deliver both technical and management debriefs, up to executive level. 
• Support, contribute to and deliver several Nettitude training programmes, namely Nettitude’s Red Team training course, delivered privately and at conferences. 
• Support the Global Red Team operation by being able to travel both domestically and internationally, while operating in multiple time zones where necessary.
• Maintain a proficient knowledge of regulatory frameworks, laws and their legal implications, operational security, and its impacts on the team. 
• Carry out or support technical research that increases Nettitude’s delivery capability and industry awareness. This could be in the form of training, workshops, conference talks or blogs. 
• Coach and mentor Red Team members, providing support to all aspects of the job, technical, procedural, and social.
• Where opportunities exist, be involved in or lead the creation of new service lines, building new products to take to market and leading and training the teams through to delivery.

Key Skills:

Essential skills and experience:

• Demonstrably strong technical, social and presentation skills.
• Demonstrably strong written and speaking English skills.
• Demonstrate strong analytical/problem solving skills.
• Demonstrate strong ability to lead, teach, present, and inspire the wider team.
• Highly proficient with multiple C2 frameworks and capable of modifying or creating tooling to overcome technical challenges.
• Ability to work and deliver under pressure in a worldwide organisation.
•  Knowledge and experience in scripting or programming languages to develop custom scripts or tools (demonstratable either via public contributions on open source projects or personal articles / github repos).

Desirable skills and experience:

• CREST CCSAM, CCSAS or equivalent level of IT Security related certification/knowledge.
• Knowledge of adversary tactics against Apple centric environments.
• Knowledge of adversary tactics against cloud centric environments.
• SC and DV level clearances UK or equivalent throughout Europe or US.
• Understanding of global regulatory landscape for technology and cyber risk.

What we offer:

We offer you an exciting working environment with intellectual challenges, responsibility, and high-level client interaction, in a team which has a full remote working culture. An attractive remuneration package will be provided. #LI-Nettitude

Apply?

Are you interested in this job? Apply now via the ‘apply’ button and upload your C.V. and cover letter.