iCompaas
Website: icompaas.com
Red Team Engineer — Offensive Security (1–3 years)
Summary
We need a Red Teamer who can think like an attacker, execute safe offensive tests, and help the organization find real weaknesses before real attackers do. Expect hands-on work (exploit dev basics, Linux, cloud misconfigurations), messy investigations, and constant learning. This is not a role for theory-only candidates — you’ll be breaking things (in a controlled way) and writing the technical playbooks afterwards.
Key Responsibilities
- Plan and execute controlled offensive engagements: web app, network, cloud, and AD-focused assessments (scoping and safety-first execution).
- Perform reconnaissance, vulnerability discovery, exploit validation, and privilege escalation in target environments (on-prem and cloud).
- Create and run realistic attack paths and adversary emulations using frameworks (MITRE ATT&CK mapping).
- Develop and refine custom PoCs, scripts and small tools (Python, Bash); adapt open-source tools safely.
- Work with Blue/Defensive teams to validate detections and tune alerts — provide actionable remediation steps and detection opportunities.
- Produce clear, prioritized technical reports and executive summaries that include remediation and detection recommendations.
- Contribute to red team playbooks, threat libraries, and runbooks; maintain safe testing checklists and rules-of-engagement.
- Assist with tabletop exercises and purple-team sessions; demonstrate attack techniques during training.
Required (must have)
- 1–3 years practical experience in offensive security, penetration testing, or hands-on lab work.
- Solid Linux fundamentals: shell, package management, services, troubleshooting, networking tools (tcpdump, netcat).
- Hands-on with web and network testing tools (Burp Suite, nmap, Metasploit, etc.) and ability to script small automations (Python/Bash).
- Basic understanding of cloud concepts (AWS/Azure/GCP) and of common cloud misconfigurations and exploit paths.
- Familiarity with Active Directory basics and common AD attack techniques (Kerberoasting, Lateral Movement concepts).
- Working knowledge of SIEM/EDR concepts — how detections are created and how to bypass/evade them responsibly.
- Clear, technical writing ability for reports and remediation guidance.
- Curious, methodical, and comfortable working under supervision with a strong focus on safe testing.
Nice to have
- Experience with adversary emulation platforms (Caldera, Atomic Red Team) or red-team frameworks.
- Understanding of malware basics, exploit development, or reverse engineering.
- Certifications: e.g., OSCP (or in-progress), eJPT, CEH.
- Familiarity with cloud-native offensive tooling (e.g., pacu for AWS) and container exploitation.
- Experience mapping activity to MITRE ATT&CK.