Senior Red Teamer

We are now seeking a Senior Red Teamer to join our Red Team. The successful candidate should have at least 3-5 years of experience in the industry working as a penetration tester. The position is 50% working onsite, and 50% working from home. Salary starts at $80,000.00 AUD, plus superannuation.

The successfull candidate must be an Australian resident and have a VISA allowing them to work full-time.

Distinguishing Role Characteristics

The role largely consists of (a) designing and executing Red Team exercises, (b) conducting offensive security research, (c) delivering Red Team trainings, and (d), from time to time, delivering penetration testing engagements.

Qualities

Beyond his or her technical skills, the successful applicant should also be someone who is personable, neatly presentable, well organized and efficient. Superior English communication skills, both verbal and written, as well as interpersonal skills will be considered as best matches with the culture and environment of the Company.

The candidate’s cultivated work discipline and ethics should include dedication and conscientious awareness, focused on delivering the best outcome to clients, as well as consistently achieving client satisfaction through excellence.

Essential Duties and Responsibilities

Design, plan, execute, and lead Red Team exercises
Oversee and train Junior Red Team members, and interns
Contribute to the development of our Company’s Red Team Toolkit
Contribute to the development of vulnerability deployment for Dragon-Net
From time to time, conduct state-of-the-art penetration testing against web applications, network infrastructures, user workstations, network appliances and other really bizarre and intriguing devices and technologies
Write in-depth security report detailing your findings, including advisements on how to remediate the vulnerabilities to the client
Train our customers’ Blue Team(s)
Deliver our Institute’s Red Team courses (Fundamentals and Advanced Userland Techniques)
Research and devise defense strategies that can be implemented in large-scale networks (+100 000 endpoints) to prevent and/or detect the attack strategies and tactics that worked against our customers’ networks

Required Knowledge and Skills

Malware Infrastructure Design & Implementation
Operational Security: Binary Protection, Decoys, Tripwires, Encryption and Application Security
Windows Userland Code Injection Techniques: DLL injection, PE injection, Process Hollowing, Threat Execution Hijacking, Shell Tray Window Injection, Etc.
Windows Memory Hooking Techniques: IAT Hooking, Inline Hooking, Hook Injection
LSASS Internals, and how Mimikatz, and other password dumpers, work
Knowledge of how Endpoint Detection & Response (EDR) software is built, and strategies on how to evade it, blend in, and/or disable it
Knowledge of fundamental Windows Low-Level Internals: KPCR, KPRCB, EPROCESS, KTHREAD, System Calls, Interrupts, the Object Manager, Local Procedure Call (LPC), Access Tokens, PatchGuard, Hyper-V Security (VTLs, Device Guard, and Credential Guard), and Secure Boot
Reverse Engineering: Rapidly reverse-engineer malware samples to discover new attack techniques and tactics that could be implemented in our Red Team Toolkit and used for Red Team exercises.
Tools: WINDBG/Kd, IDA, and Visual Studio
Programming languages: C, C++, Golang (if possible), and Python

Work in a Structured Way

The successful candidate must demonstrate an ability to work in a structured way:

Ability to write code in an extendable, elegant and intuitive manner, and document it properly. Anybody on our team should be able to read your code, understand it, and contribute to it
Brainstorm, design, and propose plans in a way that generate consensus with the team and the client, mitigates cognitive biases, anticipates and resolves problems ahead of time, and support the decisions you and your team have made
Consistently extract lessons learnt from engagements and research projects, disseminates those lessons throughout the team, and impart new defense strategies and tactics to our customers

Attributes

Excellent verbal and written English communication
Professional in demeanor and appearance
Articulate professional writing of findings and report formats for clients – impeccable grammar, stylistics and language command
Prioritize tasks as directed
Always be learning. Never assume that what made you successful yesterday will continue to work, or be even relevant, tomorrow
Cultivated work discipline, email acknowledged and/or replied promptly, messages returned same day are non-negotiable musts
Punctuality - at work, calls and any other meetings

Inquiries

Technical Assessment

Challenge	Description
Professional Reverse Engineering	Download and extract the following zip file which contains numerous malware samples. The password for the archive is "malware". Your mission, if you accept it, is to rapidly reverse as many samples as you can, identify at least five (5) techniques used by attackers that you deem could be used in a Red Team Exercise, and re-implement the techniques in C. Expected deliverables: IDA's i64 files of the malware you reversed engineered Text files for each sample explaining the offensive security techniques you identified, found interesting, and decided to re-implement. Explain why you selected the ones you did Visual Studio solutions files

What Will We Assess?

Knowledge of OS Internals (Windows)
Reverse engineering skills and offensive security knowledge
Ability to create Red Team Exercises based on real-world attack scenarios and techniques
Ability to document code and IDA i64 files in a professional manner
Ability to learn quickly and not give-up when confronted with difficult technical challenges

If you have fun solving the technical challenges above, you'll likely love working with us.

Act Now!

To apply to work for this position, please email your curriculum vitae and solutions to the technical assessment to [email protected]. If you succeed the technical assessment, we guarantee you an interview with us within ten (10) days of verifying your submission.