Introduction
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.

Your Role and Responsibilities
Since our founding, IBMers have been driven by a singular purpose. Making an impact on each other, our clients, and the world, we strive to Be Essential. By developing trust and personal responsibility in all relationships IBMers around the world have focused on innovation that matters to the world and have dedicated themselves to every client's success by focusing and believing in our core values.

IBM is seeking a qualified Lead Red Team Operator to join its collaborative and energetic Red Team. This position will reside in the IBM Cloud Platform organization performing red team exercises against IBM Cloud Platform offerings.

As a Lead Red Team Operator, you will work closely with multiple departments, including development, architecture, and compliance, to perform red team exercises against various system(s) and application(s). You will also assist in the development and planning of remediation strategies to mitigate identified risks and vulnerabilities.

Job Responsibilities

• Plan, lead, and execute Red Team exercises against various cloud offerings
• Oversee day-to-day operations and track ongoing exercises w.r.t assigning, tracking, meeting the exercise timelines.
• Develop a deep technical understanding of IBM Cloud Platform offerings and infrastructure
• Assist with reporting red team operational activities, including outcomes and metrics, to security leadership
• Engage in security monitoring and visibility improvement activities across the IBM Cloud Platform organization
• Create and document tactics, techniques, and procedures (TTPS) used during red team exercises
• Discover training needs and create coaching plan to upskill the team
• Communicate with various business and technology leaders to interpret identified vulnerabilities and assist in the development and planning for risk mitigation plans
• Research and continuously improve skills in attacker tools, tactics, techniques, and procedures (TTPs)
• Lead by example for the greater red team in professionalism, communication, and technical expertise

Required Technical and Professional Expertise

• 5+ years of demonstrating experience in planning and executing red team exercises against web applications, containers, APIs, network devices, databases, operating systems, and various cloud technologies
• Demonstrates a strong understanding of offensive cybersecurity operations and defensive integrations, including enumeration and exploitation of various cloud-based technologies and development of secure applications.
• Demonstrates a strong ability to communicate highly technical aspects to executives and other IT staff, respectively
• Proven track record of contributing to opensource technologies and projects
• Demonstrates strong experience with various scripting languages (Python, Ruby, Bash, etc.)
• Possess one or more of the following credentials: OSCP, OSCE, OSWE, GWAPT, GXPN
• Familiarity with serverless services, containerization, and other cloud technologies
• Strong familiarity with MITRE ATT&CK and the Cyber Kill Chain
• 5+ years of demonstrated experience in system or application administration role(s)
• Sense of ownership and pride in your performance and its impact on the company's success
• Strong critical thinking and problem-solving skills

Preferred Technical and Professional Expertise

• 7+ years of demonstrating experience in planning and executing penetration tests/red team exercises against web applications, containers, APIs, network devices, databases, operating systems, and various cloud technologies
• Expert level understanding of offensive cybersecurity operations and defensive integrations, including enumeration and exploitation of various cloud-based technologies and development of secure applications.
• Sense of ownership and pride in your performance and its impact on the company's success
• Strong critical thinking and problem-solving skills
• Expert level ability to communicate highly technical aspects to Executives and IT staff, respectively
• Proven track record of contributing to opensource technologies and projects
• Expertise in developing exploits and customized attack tooling and approaches
• Demonstrated security research leading to bug bounty and CVE awards
• Deep understanding of serverless services, containerization and other cloud technologies
• Demonstrates strong experience with various scripting languages (Python, Ruby, Bash, etc.)
• Possess one or more of the following credentials: OSCP, OSCE, OSWE, GWAPT, GXPN
• Familiarity with serverless services, containerization and other cloud technologies
• Strong familiarity with MITRE ATT&CK and the Cyber Kill Chain
• 7+ years of demonstrating experience in system or application administration role(s)