Incident Response (IR)

InfoGuard AG (Headquarter), Lindenstrasse 10, 6340 Baar, Switzerland

• Tel. +41 41 749 19 00
• Tel. +41 31 556 19 00
• Tel. +49 6102 7840 0
• Tel. +49 896 142 9660
• Tel. +49 2102 5789 800

Your Job

• We are seeking a highly motivated and experienced Security Researcher & Red Team Operator. In this newly created and mixed role, you will be responsible for developing Red Team capabilities as well as executing Red/Purple Team projects. About 50% of the time you will perform attacker tradecraft research, publish technical blog articles on offensive-security topics and present findings at internal or external conferences. Staying up to date with the latest adversary tactics and vulnerabilities will be key to your success in this role – a role that involves developing and maintaining tools designed to bypass security controls for use in covert operations
• The second part of the job is to propose, plan, and execute Red Team and Purple Team operations based on realistic threats to InfoGuard and our clients. You will work closely with our Security Operations Center and Incident Response Team to improve detection and response capabilities. As part of your responsibilities, you will write detailed reports for clients covering the goals, processes, and results of Red Team operations, including significant observations and recommendations. You will also deploy and manage attack infrastructure for stealth operation. Besides this, you will also play an important role in mentoring and teaching other engineers within the Red Team
• Although you will be joining an existing team of talented professionals, this specific area of our Red Team is still under development. We are looking for someone eager to build up this function – while helping to shape new processes, tools, and strategies. If you are excited about being part of a team that is still growing and evolving, this role is for you!
• Mixed role, you will be responsible for developing Red Team capabilities as well as executing Red/Purple Team projects
• Perform attacker tradecraft research, publish technical blog articles on offensive-security topics and present findings at internal or external conferences
• Propose, plan, and execute Red Team and Purple Team operations
• Mentoring and teaching other engineers within the Red Team

Importance

• Several years of experience in conducting advanced adversary-simulation exercises
• Experience in developing custom tools and researching techniques which bypass defensive products to remain undetected in mature network environments
• Profound knowledge of exploit techniques and commonly used attack tools, frameworks and techniques (TTPs) used by red teams
• Ability to automate tasks by writing or adapting scripts and programs
• Informed on current security trends, advisories, publications, and academic research on latest techniques
• Proficiency in at least one programming language such as Python, C#, or C++
• Familiarity with common frameworks and regulations in the field such as DORA and TIBER
• Track record of past publications/research (CVEs, PoCs, technical blogposts, talks at relevant conferences)
• Excellent written and spoken English
• Good knowledge of German