Senior Red Team Operator (GSK)
Job posting number: #154241 (Ref:406986)
Job Description
As a Red Team Operator - you will have a deep understanding of computer science and information security. You understand advanced concepts like exploit development and stealthy operations. This role will have access to a very diverse network at a company dedicated to providing care to patients across the globe.
Key Responsibilities:
· Leverage real attacker emulation to simulate security incidents, observe response across monitoring and incidents, and identify enhancement opportunities
· Develop after action reports to help justify this investment and use the results to hone the security posture for the overall organization
· Execute Red Team engagements in a variety of networks using real-world adversarial Tactics, Techniques, and Procedures (TTPs) from conception to report delivery
· Conduct open-source intelligence gathering, network vulnerability scanning, exploitation of vulnerable services, lateral movement, install persistence in a target network(s), and manage C2 infrastructure
· Develop payloads, scripts and tools that weaponize new proof-of-concepts for exploitation, evasion, and lateral movement
· Document identified vulnerabilities and research corrective/remediation actions in order to recommend a risk mitigation technique(s)
· Maintain knowledge of applicable Red Team policies, Standing Ground Rules, regulations, and compliance documents
· Communicate effectively with team members and during an engagement
· Keep current with TTPs and the latest offensive security techniques
Basic Qualifications:
· 1 or more years of experience as a red team operator
· Experience with offensive tools and platforms such as Kali Linux, Cobalt Strike, Metasploit, Covenant, Sliver, Bloodhound, Ghostpack, Nmap, Nessus, Zmap, Massscan, EyeWitness, Burp Suite
· Experience with writing high-quality assessment reports and communicating results to clients, teammates, and senior leadership
· Knowledge of functionality and capabilities of network defense technologies, including firewalls, IDS and IPS, antivirus, and web content filtering
· Experience building red team infrastructure and new approaches to testing a variety of environments
· Ability to operate and lead organized security testing engagements without assistance
· A certification or certifications relevant to this position or equivalent education
Preferred Qualifications:
· Familiarity with various programming languages such as Python, Ruby, and Rails are a plus
· Experience in web programming (Java, ASP, ASP.NET, HTML, JavaScript)
· Experience with cloud-based environments (GCP, Azure, AWS, etc.)
· Multiple market relevant certifications or education such as CREST/OSCP/OSCE/OSWP a plus
· Demonstrated rapid tool development & automation experience
· Regular Expressions (RegEx)
· Knowledge of SQL Server, SQL Client Tools, and T-SQL Stored Procedures
· Understanding of Web Application Firewalls
· Reverse engineering
Benefits:
• Career at one of the leading global healthcare companies
• Attractive reward package (competitive salary, annual bonus & awards for outstanding performance, recognition awards for additional achievements and engagement, holiday benefit
• Possibilities of development within the role and company’s structure
• Life insurance and pension plan
• Open and inclusive environment which is supportive and welcoming of all diversity strands (gender, race, ethnicity, sexuality, disability, or any other characteristic)
• Private medical package with additional preventive healthcare services for employees and their eligible counterparts
• Sports cards (Multisport)
• Personalized learning approach and external trainings
• Extensive support of work life balance (flexible working solutions including working from home possibilities, health & wellbeing activities)
• Supportive community and integration events
• Modern office with creative rooms, fresh fruits everyday
• Free car and bike parking, locker rooms and showers
#LI-GSK
G7
Why GSK?
Uniting science, technology and talent to get ahead of disease together.
GSK is a global biopharma company with a special purpose – to unite science, technology and talent to get ahead of disease together – so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns – as an organisation where people can thrive. We prevent and treat disease with vaccines, specialty and general medicines. We focus on the science of the immune system and the use of new platform and data technologies, investing in four core therapeutic areas (infectious diseases, HIV, respiratory/ immunology and oncology).
Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it’s also about making GSK a place where people can thrive. We want GSK to be a place where people feel inspired, encouraged and challenged to be the best they can be. A place where they can be themselves – feeling welcome, valued, and included. Where they can keep growing and look after their wellbeing. So, if you share our ambition, join us at this exciting moment in our journey to get Ahead Together.
GSK is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.
Important notice to Employment businesses/ Agencies
GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.
Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK’s compliance to all federal and state US Transparency requirements. For more information, please visit GSK’s Transparency Reporting For the Record site.