Dear Job Seekers
AIG is Hiring for:
Job Title: Red Team Engineer
- Conduct technical assessments and penetration tests on key operating system, application and networking defenses to identify weaknesses and exploit them to determine impact and severity of vulnerabilities.
- Contribute in creation of guidance and recommendations to leadership.
- Assist in the assessment strategy, approach, and methodology.
- This includes priority multiple high priority activities.
- Document and report actions on technical assessments and penetration tests.
- These may include identifying risks, vulnerabilities, and improvement recommendations. Share and present testing results with senior leadership.
- Perform research on emerging threats and cyber security risks. Lead critical information security initiatives (e. g. validation testing, proof-of-concept participation, and process design).
- Assist in mentoring and coaching of junior staff. Key Skill-sets & Capabilities
- Strong understanding of application security weaknesses for various technologies including web applications, databases, and multi-tier applications
- Strong understanding of Cloud architecture and security controls Experience penetration testing in global environments with various legal and regulatory requirements
- Strong understanding of security circumvention tools and techniques
- Knowledge of application security testing tools such as Burp Suite, OWASP ZAP, Appscan, Responder, Metasploit, PowerSploit, etc
- Ability to review source code and explain mitigation controls within source code for languages including, JAVA, C, CGI, PHP, HTML, AJAX
- Understanding of various application development principles with a focus on Agile software development
- Ability to review, modify and create scripts for automated testing techniques using languages such as Bash, Python, Go, Powershell, etc
- Understanding of how various security capabilities are designed and how they function together in a heterogeneous environment.
- Ability to converse with technical security staff as well as business executives. Up to date knowledge of the security landscape pertaining to new technologies.
- Ability to positively influence the behavior of peers and build relationships with other teams. Self-starter, ability to work independently with minimal supervision and as part of a team. CISSP, GIAC GSSP, CEH, OSCP, and / or OSCE are ideal
Experience: 3 years
Salary: As per the Company Standards