Red Teamer - Manchester, United Kingdom - NCC Group

Description

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.

CC Group Technical Assurance Services (TAS) is the home of high-end technical excellence in cybersecurity assessment.

We employ the world's sharpest minds to demonstrate security weaknesses to clients before a real attacker can take advantage of them.

Through our 'attacker's eye view' we provide unparalleled advice to help clients secure their assets.

We are the largest and most tenured team of its kind in the cybersecurity services market with an uncompromising commitment to deep technical excellence.

The techniques, tools, and insights originating from NCC are used by clients and competitors the world over.

Often imitated, never bettered – we exist to set the highest bar in pursuit of a more secure digital future.

Do you have what it takes to be part of the best technical cybersecurity services team around? Come find out OpportunityThe successful candidate will be involved in each aspect of the attack chain from social engineering and initial access, evading best-in-class EDR products, through lateral movement and achieving objectives set by the client.

Operational Security and safety of target environments is of paramount importance, the successful candidate will have extensive experience of managing operational risk and communicating with client stakeholders on the risks and mitigations for all Red Team activity.

Additionally, the successful candidate will be well versed in capability development and the creation of tools to automate activity or exploit weaknesses identified in the environment.

Finally, the successful candidate will have a high-standard of written English for reports and presentations, as well as the ability to brief both technical and C-Level audiences on their activities and findings.

Key AccountabilitiesSimulate Adversarial Attacks:

Design, plan, and execute realistic cyber-attack scenarios to identify vulnerabilities and weaknesses within our target organization's infrastructure, applications, and processes.

We operate against high-maturity clients across a number of internationally recognised regulatory frameworks.


Report and Advise:
Clearly convey findings, vulnerabilities, and potential risks to stakeholders, offering actionable technical recommendations, procedural and defensive improvements. The ability to write attack narratives to enable non-technical readers to understand the actions performed.


Engage and Collaborate:
Ability to work as part of a team on large engagements and individually for smaller ones. Forging strong relationships with colleagues, client contacts and C-Level teams, security departments, and other stakeholders to drive maximum value.


Continuous Learning:
Keep abreast of the latest adversarial techniques, tools, and trends in Red Teaming and more general global cybersecurity. Sharing knowledge from successful techniques as well as evaluating and introducing new methodologies where appropriate.


Mentoring and Training:

Act as a resource for junior team members and other departments, imparting knowledge on current threat vectors and best practices for defence.

Desirable RequirementsDemonstrable experience in advanced red teaming.

Demonstrable experience in regulatory schemes globally (CBEST/TIBER/CORIE/AASE/iCAST/FEER).Comprehensive understanding the majority of the following domainsCloud platforms and their security mechanismsMicrosoft Active DirectoryOffice 365 SecurityEDR/EPP BypassesEmail Gateways and FiltersWeb Gateways and ProxiesMacOS Client EnvironmentsExceptional written and verbal communication skills, tailored to a diverse audience.

Proactive, team-oriented, and adept at problem-solving.
Familiarity with the UK's cybersecurity regulations, standards, and best practices.


Preferred QualificationsCREST CCT-INFCREST CCSASCREST CCSAMBehavioursClient-Focused:
Prioritizes client needs and expectations, ensuring that all actions and decisions lead to client satisfaction and success

Collaborates as 'One NCC':
Works in unison with all departments and teams, fostering a united front and shared objectives across the entire organisation

Adds Value:
Goes beyond the minimum requirements to provide solutions and contributions that enhance the customer's success and growth

Enables and Empowers:
Provides tools, resources, and support to team members, fostering an environment where they can thrive and excel

Personal Responsibility:
Takes ownership of actions, decisions, and outcomes, acknowledging successes as well as areas for improvement

Communicates Openly and Respectfully:
Shares information transparently while maintaining respect and consideration for all stakeholders

Open Mindset:
Embraces new ideas, diverse perspectives, and is willing to adapt in response to evolving situations or feedback

Growth and Development:
Actively seeks opportunities for personal and professional growth, championing learning and evolution for oneself and the organisation

Analytical Thinking:
Demonstrates a systematic approach to resolving issues and identifying improvements.

About NCC GroupThe NCC Group family has over 2,200 members located all around the world, providing a trusted advisory service to 15,000 customers.

Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates.

We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.

Our values and code of ethics are at the heart of how we operate – we work together, we are brilliantly creative and we embrace difference.

We treat everyone and everything with equal respect.

We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.

About your applicationWe review every application received and will get in touch if your skills and experience match what we're looking for.

If you don't hear back from us within 10 days, please don't be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email All personal data is held in accordance with the NCC Group Privacy Policy.

We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does.

To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.