Role Summary:
Join our dynamic Offensive Security Team! As we expand, we are looking for a Pentester/Red Teamer who is enthusiastic about undertaking a range of security assessments, including penetration testing, red team exercises, vulnerability scanning, and physical access evaluations for our clients.
Key Responsibilities:
Client Engagement Management: Lead client projects, ensuring clear communication, timely delivery, and exceeding expectations. Act as the primary liaison, providing updates and guidance.
Security Assessment Execution: Conduct detailed security assessments, including penetration testing and vulnerability analysis. Systematically identify and document vulnerabilities across network, application, and physical layers. Prepare concise reports for both technical and non-technical stakeholders.
Red Team Challenges: Participate in red team simulations, encompassing social engineering attacks and advanced penetration tactics. Post-initial access, perform internal testing to escalate privileges and gain high-level access. Document methodologies and outcomes, providing actionable insights for enhancing security.
Technical Proficiencies:
Python/Scripting: Demonstrate a high level of proficiency in Python, essential for writing custom scripts to automate tasks, analyze data, and develop unique tools for penetration testing. This skill is crucial for tailoring attacks, parsing data, and creating efficient workflows in security assessments.
Linux/Windows Proficiency: Have a thorough understanding of Linux/Windows systems, which are commonly used in security environments. This includes navigating the command line, understanding file permissions, managing services, and using Linux/Windows-based security tools. Knowledge of Linux/Windows is vital for testing and exploiting Unix/Windows-based applications and servers.
Burp Suite Expertise: Exhibit expertise in using Burp Suite, a leading tool for web application security testing. This includes leveraging its various features for intercepting traffic, conducting automated scans, manipulating requests and responses, and identifying vulnerabilities in web applications.
Nmap and Enumeration Tools: Skilled in using Nmap for network scanning and enumeration. This involves not just running scans but interpreting results to identify open ports, services, and potential vulnerabilities. Familiarity with other enumeration tools that help in discovering and mapping network and system details is also important.
Active Directory Analysis/Impacket: Proficient in analyzing Active Directory environments using tools like Impacket. This includes understanding AD architecture, identifying misconfigurations, and exploiting them. Skills in leveraging Impacket for tasks like network relays, password spraying, and gaining elevated privileges are crucial for penetrating Windows environments.We're Seeking:
Qualifications: A degree in Computer Science, Engineering, Mathematics, or Physics.
Experience Level: Open to graduates/juniors and above. The more experience in red teaming, the better.
Skills: Exceptional problem-solving abilities, with a flair for thinking on your feet and tackling constantly evolving threats creatively.
Attributes: Motivated, passionate, determined, and an avid learner. We value self-starters with proven experience who are driven to learn.Communication: Strong interpersonal and communication skills are essential for effective team collaboration, which is a key aspect of our work culture
GCS is acting as an Employment Agency in relation to this vacancy
