Job Role Title

Red Team Expert

Sub-Functional Area

Assurance, Compliance & Benchmarking

Job Accountabilities (Duties and Responsibilities)

• Provide second-level assurance in accordance with Group Information Security policies and practices for business units and IT functional areas.
• Plan Red Team missions based on current environmental factors and emerging global threat developments.
• Execute Red Team operations as per defined plans.
• Identify control gaps and opportunities for security improvements.
• Document findings from Red Team engagements in compliance with documentation standards.
• Report findings and guide the Blue Team on control improvements.
• Mentor Red Team members and onboard new joiners to support the overall program.
• Set up and enhance the Red Team lab, tools, and offensive capabilities to improve testing methodologies and effectiveness.
• 
  

Technical Knowledge & Skills

• Strong understanding of the MITRE ATT&CK framework and the Kill Chain model.
• Experience in open-source intelligence gathering techniques.
• Experience in Active Directory and authentication services security testing.
• Hands-on experience in network and infrastructure penetration testing.
• Experience executing Red Team engagements (internal/external) and understanding defense controls.
• Familiarity with penetration testing and C2 frameworks such as Metasploit, PowerSploit, Mimikatz, Impacket, Cobalt Strike, or similar tools.
• Capability to evade or bypass security controls and defensive technologies.

Skills Required (Knowledge and Abilities)

• Good understanding of system internals and security fundamentals.
• Solid grasp of OSI layers and core networking concepts.
• Understanding of common application architectures and components.
• Proficiency in scripting using Python or PowerShell for security testing and tool development.
• Basic programming skills in C/C++.
• Awareness of global threat trends and developments in offensive security techniques.
• Knowledge of international information security standards and best practices.

Key Attributes (Experience and Qualifications)

• BE/B.Tech/ME/M.Tech/MCA/MS from a reputed/recognized institute.
• 4–7 years of experience in IT or Information Security domains, including 1–2 years in penetration testing or ethical hacking.
• Relevant security certifications such as CEH, OSCP, OSCE, CRTP, CRTE, or other offensive security qualifications.