CYE is looking for a Senior Red Team with a deep understanding of both information security and computer science. The right person will have to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. This is not a “press the button” type of job! This career is technical and challenging with opportunities to work in some of the most exciting areas of security on extremely technical and challenging work. A typical job could be breaking into a segmented secure zone at a Fortune 500 organization, reverse engineering an application and both developing and exploiting the most recent vulnerabilities, all without being detected.
Responsibilities
- Global organization red-team assessments and security posture
- Co-ordinate and execute systems and network level advanced red team exercises for different environments
- Design and develop scripts, frameworks and tools required for facilitating and executing complex undetected attacks
- Configure and troubleshoot security infrastructure devices
- Develop technical solutions and new security capabilities to help mitigate security vulnerabilities and automate repeatable tasks
- Write or assist with comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
Qualifications
- 7+ years of experience leading penetration testing, application testing, and red team engagements
- Experience with security tools such as – Nmap, Metasploit, Kali Linux, Burp Suite Pro, etc., as well as other various commercial and self-developed testing tools
- Experience with scripting languages such as python, ruby, POSIX shell, as well as familiarity with programming languages such as: C/C++/ObjC/C#, Java, PHP, or .NET
- Detailed technical knowledge in multi-security domains (Web, Network, OS, DB, IoT, Cloud, SCADA- advantage…)
- Knowledge in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
- Expertise in performing advanced exploitation and post-exploitation attacks as part of ethical hacking exercises including writing proof-of-concept exploits and creating custom payloads and modules for common ethical hacking frameworks and tools
About us:
CYE’s SaaS platform and experts enable security leaders to execute optimized security programs with significant business impact. CYE serves large companies in multiple industries around the world. With offices in Israel, New York, and London, CYE is funded by EQT Private Equity and 83North.
Top Skills
What We Do
CYE’s optimized cyber risk quantification platform and expert guidance transform the way organizations manage cybersecurity.
Using AI, machine learning, and innovative technology, CYE visualizes attack routes, quantifies, mitigates, and communicates cyber risk, and matures organizational cybersecurity posture. In doing so, CYE provides clear and relevant insights that empower companies to make effective cybersecurity decisions. The company serves organizations in multiple industries globally.
Founded in 2012, with headquarters in Israel and operations around the world, CYE is funded by EQT Private Equity and 83North.