Security Consultant – Red Team (On-site)

SecurityBoat

Website: securityboat.net
Job details:

Role Summary

SecurityBoat is seeking an experienced Red Team Security Consultant to execute advanced adversary simulations across BFSI environments. The role involves conducting end-to-end red team engagements, emulating real-world threat actors to identify critical security gaps across applications, infrastructure, and Active Directory ecosystems.

Key Responsibilities

• Conduct full-scope red team engagements across applications, network infrastructure, and enterprise environments.
• Execute multi-stage attack simulations including initial access, exploitation, lateral movement, privilege escalation, and impact
• Perform advanced Active Directory attacks including Kerberos abuse, NTLM relay, ADCS exploitation, and credential access techniques
• Design and execute end-to-end attack chains from external entry points to internal compromise and domain dominance
• Map techniques and findings to the MITRE ATT&CK framework and contribute to detection gap analysis
• Simulate real-world adversary behavior (APT-style operations) in complex BFSI environments
• Collaborate with internal teams to validate detection capabilities and improve security posture

Requirements

• 5+ years of hands-on experience in Red Teaming or Offensive Security
• Strong expertise in Active Directory attack methodologies including Kerberos, NTLM, ADCS, and identity abuse techniques
• Hands-on experience in executing full attack kill chains across enterprise environments
• Proven ability to chain multiple vulnerabilities into complete attack scenarios with measurable business impact
• Deep understanding of post-exploitation techniques including credential dumping, persistence, and lateral movement
• Experience with tools such as BloodHound, Mimikatz, Impacket, Burp Suite, and command-and-control frameworks
• Strong knowledge of Windows internals, authentication mechanisms, and
• Ability to perform manual, research-driven testing beyond automated tools
• Experience in mapping attacks to MITRE ATT&CK and documenting attack paths clearly

Preferred Qualifications

• Experience working within BFSI or critical infrastructure environments
• Strong understanding of the MITRE ATT&CK framework
• Relevant certifications such as OSCP, OSWE, CRTP, or CRTO

Candidate Profile

• Demonstrates a strong attacker mindset with analytical problem-solving skills
• Comfortable operating in complex, large-scale enterprise environments
• Focused on impact-driven security assessments rather than isolated vulnerability identification
• Strong communication skills to articulate technical findings in a business-relevant manner

Benefits

• Flexible engagements tailored to professional and personal goals.
• Competitive compensation structure.
• Exposure to diverse, industry-leading projects.
• Access to specialized expertise and a collaborative cybersecurity team.
• Professional development opportunities and recognition within the cybersecurity community.

Click on Apply to know more.