AVP, Cloud Security & Attack Simulation Specialist, Technology & Operations
Business Function
Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and aspire to delight our business partners through our multiple banking delivery channels.

Do you think like an adversary and operate in a stealth way while avoiding leaving traces behind? Do you enjoy exploiting applications or networks to reach a specified target? Do you enjoy tearing apart an API or network protocol and coming up with novel techniques to solve unique and interesting security problems? Are you familiar with web and mobile applications and their inherent potential weaknesses?

If so, we are looking for a Cloud Security & Attack Simulation Specialist to join our Offensive Security Team, which is responsible for challenging the existing security controls during simulated attacks, training & exercises and leverages the latest tools, tactics and techniques used by adversaries. To accomplish this, you will contribute to developing the capability of the Offensive Security Team and engage in a dynamic fight against the Defensive Security Team or the Application Teams. The primary focus will be on assessing the security of cloud infrastructure and external perimeter.

Requirements
- Expertise or strong experience in testing the security of web and mobile applications
- Relevant certifications from organizations like CREST (CCT Inf, CCSAS), Offensive Security (OSCP/OSCE/OSWE), SANS (GXPN, GWAPT), eLearnSecurity (eCPTX), PentesterAcademy (CRTE, PACES) or demonstrable equivalent skills
- Ability to think laterally during engagements, tying together many vulnerabilities or system misconfigurations to achieve your goal within a network
- Solid understanding of exploitation and the different exploit/vulnerability classes. Ability to modify exploits and payloads to function with newly introduced defensive countermeasures
- Knowledge of system and network configuration for multiple operating systems. Solid understanding of network protocols and their use
- Experience with defensive tools (Firewalls, Web Application Firewalls, Malware Sandboxes, SPAM filters, Antivirus, Deception and Honeypots, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), Endpoint Detection and Response solutions (EDR), network capture and monitoring tools, User Behaviour Analytics solutions (UBA), Network Access Control solutions (NAC), Data Loss Prevention solutions (DLP))
- Must be able to build and maintain resilient infrastructure to support ongoing tests
- Must be able to work both independently and effectively in teams with individuals with a variety of skills and backgrounds
- Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
- Previous experience working in the financial industry
- Experience in the principles of all-source intelligence analysis and the associated tools (e.g. Maltego, ReconNG) or services (e.g. Shodan, Censys)
- Experience with virtualization solutions
- Typically 5-10+ years of IT experience, with 5+ of those focused on penetration testing.
- Strong technical and communication skills
- Can think like the adversary but also like the defenders.
- Develop stealth attack plans to meet the specified objectives
- Consistently research new techniques and refine your craft, enhancing your capability and that of the Targeted Attack Simulation Team
- Test and rehearse the attack plans and tools prior to the engagement
- Assume the role of the adversary during tests, training and exercises
- Engage in an active fight with the defenders, who will be working to repel you from their network
- Collaborate with other Offensive Security Specialists to prioritize the attack tool development
- Develop the mission debriefs to enumerate the success or failure of each attack
- Provide constructive feedback to the defenders on their successes and failures and work alongside them in regular "Purple Teaming" exercises.
- Write Breach and Attack Simulation plugins to automatically simulate automated techniques.
We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.