MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.


I'm not curious
5

Red Team Operator

Location Allen, United States
Posted 28-October-2021
Description
Job Description

Experian is the leading global information services company, providing data and analytical tools to our clients around the world. We have always believed that data has the potential to transform lives and create a better tomorrow. We are transforming data into something meaningful: helping businesses to manage credit risk, preventing fraud, targeting marketing offers and automating decision making. We have been named one of the 'World's Most Innovative Companies' by Forbes for 3 years in a row. Experian has operated at the center of Big Data since before the phrase was coined. Few companies can offer information services on an equivalent scale

Experian's Red Team conduct advanced adversary emulation operations to challenge assumptions and emulate cyber and criminal threat actors targeting or attacking the business.

As a Red Team member, you will participate in the design and execution of campaign-based security operations for Experian, spanning a varying array of targets. Successful team members must be capable of evaluating environments, applications, systems or processes to discover weaknesses, and subsequently leverage those discoveries into actionable real-world attack strategies.

To succeed in this role the candidate will possess breadth and depth of knowledge in security of operating systems, networking and protocols, firewalls, databases and Middleware applications, forensics, Scripting and programing. All red team members are expected to continuously improve their tradecraft through research, to add breadth and depth to their knowledge.

Responsibilities:

* Engagement in all phases of Red Team security operations
* Work within the Red Team to perform physical exploitation, network exploitation and social engineering assessments against authorized targets
* Perform network reconnaissance and open source intelligence gathering
* Configure and safely utilize attack tools, tactics, and procedures against authorized Experian targets
* Develop scripts, tools, or methodologies to enhance Experian's red teaming capabilities
* Help to execute the Red Team strategy to further enhance Experian's security posture
* Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
* Fluent and proficient in English to enable delivery of verbal and written reports and presentations to both technical and executive audiences
* Provide risk-appropriate and pragmatic recommendations to correct identified flaws, vulnerabilities and misconfigurations
* Provide guidance to advance the defensive capabilities of the Security Operations Centre and its subsequent ability to defend the Experian Enterprise
* Understand business processes, internal control risk management, IT controls and related standards
* Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
* Understand clients' business environment and basic risk management approaches
* Build and nurture positive working relationships with internal clients with the intention to exceed their expectations

Qualifications

* Relevant, recent and verifiable experience in information security and adversary simulation
* Detailed knowledge of global cyber threats, threat actors, and the tactics, techniques and procedures used by cyber adversaries, specifically those targeting the financial services sector
* 3 or more years' experience in two or more of the following areas:
* Network penetration testing and manipulation of network infrastructure
* Web application penetration testing assessments
* Email, phone, or physical social-engineering assessments
* Developing, extending, or modifying exploits, Shell code or exploit tools
* Experience with Red, Blue, or Purple teaming exercises

* Experience in large scale information technology implementations and operations preferred
* Industry certifications such as OSCP, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN.

Specialist skills:

* Proficient in exploitation and post exploitation frameworks such as Cobalt Strike, Metasploit Framework, Empire
* Proficient in one or more of the following programming languages (C, C++, C#, Go)
* Proficient in one or more of the following Scripting languages (Python, PowerShell, Bash, Ruby)
* Advanced knowledge of Windows Operating System architecture and internals
* Strong knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux, Mainframe, Cloud Service Providers, Relational Databases, Data Warehouses, and filesystems
* Extensive knowledge of IT technologies and methods to secure them, specifically for databases, SharePoint, storage area networks, cloud-based storage, and data warehouses

Additional Information

All your information will be kept confidential according to EEO guidelines.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and it ensures that we live what we believe.

 
Awards & Accolades for MyTechLogy
Winner of
REDHERRING
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url