Join our Red Team as a "Senior Staff Specialist Cyber Security Adversary Emulation and Red Teaming" to help improve our effectiveness. Put yourself in the shoes of an adversary and track down our security vulnerabilities before an external third party can exploit them.Responsibilities
In your new role you will:
- Plan, prepare, conduct and lead internal red teaming exercises and scenario-based penetration tests of core infrastructure systems, platforms and applications.
- Further develop and enhance the vulnerability management program and systems
- Develop and enhance automated adversarial emulation services to measure control efficiency and guide risk management
- Lead and coordinate the work with external penetration testing services and security researchers for externally discovered vulnerabilities
- Establish and maintain attack simulation infrastructure for red teaming and adversarial emulation
- Develop payloads and exploits for red team operations
- Support audit teams with technical assessments
- Participate in product evaluations and joint projects with other Cyber and IT teams as a red team stakeholder
- Coach other team members within the area of red teaming, penetration testing and attack simulations
- Work closely with the threat intelligence, monitoring and detection and incident response teams.
- Make a significant contribution to Infineon's Cyber Security and have fun
In addition, you will have the opportunity to perform some of your tasks in your home office (Hybrid)
and you can arrange your working hours flexibly
This position is eligible for full-time and part-time employmen
You are best equipped for this task if you have:
- Bachelor or Master's Degree in Computer Science, Information Technology, IT Security or any equivalent education program.
- Several years of hands-on experience and proven track record in conducting penetration tests and red teaming
- Deep knowledge about:
- active directory security and corresponding attacks
- fundamental concepts of networking and operating systems and corresponding attacks
- vulnerability management, scanning solutions and corresponding evaluation and scoring methods (e.g. CVSS)
- Knowledge about:
- cloud, container and micro service security and corresponding attacks
- the (Cyber) Security Incident Lifecycle / Processes as well as the Threat intelligence lifecycle, Vulnerability management and the interconnection of these processes
- attack techniques, detection and monitoring and potential bypasses
- attack simulation/adversary emulation platforms
- Knowledge in common frameworks such as MITRE ATT&CK, OSSTMM, ISSAF, NIST 800-115, OWASP or similar
- Skills in programming/scripting languages to a level which allows automation for day to day tasks and system integration (e.g. Python).
- Possession of relevant cybersecurity certifications (e.g., OCSP, CEH, CISSP) is considered a plus.
- Experience in technical writing and communication of technical details to various audience groups is considered a plus.
- Motivation for learning.
- Hands-on attitude and self-disciplined, result-driven approach to problem solving.
- Out-of-the box thinking and creative mindset.
- Fluent English language skills in speaking and writing, additional languages are considered a plus
We offer competitive salaries and additional benefits based on your performance, experience and qualification. The employment is in accordance with the collective salary and wage agreement for employees of the electrical and electronics industry, employment group H (). The monthly salary is paid 14 times p.a. We offer a higher compensation depending on your expertise and skills.Benefits:
- Coaching, mentoring networking possibilities
- Wide range of training offers & planning of career development
- International assignments
- Different career paths: Project Management, Technical Ladder, Management & Individual Contributor
- Flexible working conditions
- Home office options
- Part-time work possible (also during parental leave)
- Child care in Villach & Klagenfurt
- On-site social counselling and works doctor
- Health promotion programs
- Discounted lunch possibilities
- Private insurance offers
- Corporate pension benefits
- Flexible transition into retirement
- Performance bonus
- Accessibility, access for wheelchairs