Jobs
>
London

    Offensive Security Engineer, Red Team - United Kingdom - GitHub, Inc.

    GitHub, Inc.
    GitHub, Inc. United Kingdom

    1 week ago

    Default job background
    Description

    About GitHub

    As the global home for all developers, GitHub is the complete AI-powered developer platform to build, scale, and deliver secure software. Over 100 million people, including developers from 90 of the Fortune 100 companies, use GitHub to build amazing things together across 330+ million repositories. With all the collaborative features of GitHub, it has never been easier for individuals and teams to write faster, better code.

    Locations In this role you can work from Remote, United Kingdom

    Overview

    GitHub is changing the way the world builds secure software and we want you to help change the way we secure GitHub. GitHub's Red Team is an active threat emulation team that models real world threats and executes simulated attacks on GitHub. We're looking for a security engineer to expand GitHub's Red Team operations.

    In this role you will execute both red and purple flavored offensive operations, deliver results to key stakeholders through written reports and live briefings, and partner with product teams for remediation. You'll also provide a vital offensive perspective to many security-wide initiatives including threat modeling, table tops, and adversarial analysis. You'll also work closely with the detections, IR, and engineering teams to continuously improve their processes and procedures to help secure GitHub..

    Communication and empathy is key in this role. Your collaboration with engineers is as important as the vulnerabilities and security risks you identify. In this role you'll not only need to be creative and thorough in the attacks you perform, but also in helping drive the remediation strategies with teams across the company.

    Responsibilities
    • Conceptualize, plan, and execute basic offensive operations, with an understanding of operational security, developing novel offensive techniques, and leveraging threat intelligence reports
    • Digest application and service architectures to identify potential threats and avenues for exploitation
    • Identify weaknesses in product security controls - including vulnerabilities, misconfigurations, and gaps in processes and procedures
    • Be an advocate for best security practices
    • Partner with internal security and engineering teams on collaborative engagements that uncover vulnerability and detection opportunities across systems.
    • Collaborate empathetically with engineering teams and leadership to communicate identified risks and expectations for remediation
    Qualifications

    Required Qualifications:

    • Offensive experience including attack simulation, capability development, or vulnerability research
    • Experience writing tooling in Python, Go, Ruby, or Javascript
    • Familiarity with common security vulnerabilities and mitigations within web applications and cloud infrastructure
    • Hands-on experience with cloud technologies (Azure, AWS, Containers, Kubernetes, etc.)
    • Demonstrated ability to work empathetically with blue team peers to foster effective and productive relationships

    Preferred Qualifications:

    • Excellent written and verbal communication skills targeting a broad range of audiences from engineers to leadership
    • Contributed to open-source offensive security tooling or delivered novel research at industry conferences such as Black Hat or DEFCON
    • Experience in security architecture review and threat modeling of software systems
    • Practical experience with red team engagements targeting organizations that use macOS, Linux, and cloud infrastructure, including Azure and AWS
    • Knowledge of approaches to evade EDR and similar defensive controls - bonus points if you have experience developing tools to do that
    • Practical experience assessing the security posture of applications written using Ruby on Rails or Go

    GitHub values

    • Customer-obsessed
    • Ship to learn
    • Growth mindset
    • Own the outcome
    • Better together
    • Diverse and inclusive

    Manager fundamentals

    • Model
    • Coach
    • Care

    Leadership principles

    • Create clarity
    • Generate energy
    • Deliver success
    Who We Are GitHub is the world's leading AI-powered developer platform with 100 million developers and counting. We're also home to the biggest open-source community on earth (and 99% of the world's software has open-source code in its DNA). Many of the apps and programs you use every day are built on GitHub.
    Our teams are dreamers, doers, and pioneers, leading the way in AI, driving humanitarian efforts around the globe, and even sending open source to Mars (and beyond).
    At GitHub, our goal is to create the space you need to do your best work. We're remote-first and offer competitive pay, generous learning and growth opportunities, and excellent benefits to support you, wherever you are—because we know that people flourish when they can work on their own terms.
    Join us, and let's change the world, together.
    #J-18808-Ljbffr
  • Ibex Recruitment

    Red Team Lead

    5 days ago

    Ibex Recruitment London, United Kingdom

    Ref #: · - KMRT-33866 · - Location: · - London · - Salary: · - £100,000 - £120,000 · - Sector: · IT · Engineering · - Type: · - Permanent · Red Team Lead · Red Team Lead is needed for a greenfield Cyber Security team within an award winning fintech who are scaling the business an ...

  • UBS

    Red Team Tester

    4 days ago

    UBS London, United Kingdom

    United Kingdom · - Compliance, Information Technology (IT) · - Group Functions · **Job Reference #** · BR · **City** · - London · **Job Type** · - Full Time · **Your role** · - We are expanding our global Red Team. We are looking for additional testers to be based in London to he ...

  • JPMorgan Chase Bank, N.A.

    Red Team Operator

    1 week ago

    JPMorgan Chase Bank, N.A. London, United Kingdom

    Working in Cybersecurity takes pure passion for technology, speed, a constant desire to learn, and above all, vigilance in keeping every last asset safe and sound. You'll be on the front lines of innovation, working with a highly-motivated team laser-focused on analyzing, designi ...

  • Parliamentary Digital Service

    Cyber Red Team Associate

    1 week ago

    Parliamentary Digital Service London, United Kingdom

    Employer · - Parliamentary Digital Service · Directorate · - Cyber Security · Band / Grade · - B2 · Salary · - £35,000 - £39,520 (inc. £2,000 MSA) · Contract Type · - Permanent · Location · - Mainly Remote (some travel to on-site) · Security Level · - Security Check (SC) · Interv ...

  • JPMorgan Chase Bank, N.A.

    Red Team Business Process Operator

    1 week ago

    JPMorgan Chase Bank, N.A. London, United Kingdom

    Working in Cybersecurity takes pure passion for technology, speed, a constant desire to learn, and above all, vigilance in keeping every last asset safe and sound. You'll be on the front lines of innovation, working with a highly-motivated team laser-focused on analyzing, designi ...

  • JPMorgan Chase Bank, N.A.

    Red Team Business Process Operator

    6 days ago

    JPMorgan Chase Bank, N.A. London, United Kingdom

    **Description**: · Working in Cybersecurity takes pure passion for technology, speed, a constant desire to learn, and above all, vigilance in keeping every last asset safe and sound. You'll be on the front lines of innovation, working with a highly-motivated team laser-focused on ...

  • Lorien

    Offensive Security Specialist- Red Team/pen Testing

    3 days ago

    Lorien London, United Kingdom

    **Up to £95,000 plus excellent company benefits** · **London - Hybrid Working** · A global financial services client we are partnered with are looking for an **offensive security specialist** to join and help lead the team focused on all services relating to offensive security, i ...

  • ubs

    Red Team Tester

    3 days ago

    ubs London, United Kingdom Technology

    United Kingdom · Compliance, Information Technology (IT) · Group Functions · Job Reference # · 289336BR · City · London · Job Type · Full Time · Your role · We are expanding our global Red Team. We are looking for additional testers to be based in London to help us drive security ...

  • Usurpo

    Red Team Engineer

    1 week ago

    Usurpo United Kingdom

    Our client provides a disruptive SaaS platform for Attack Surface Management, and Penetration testing as a service. This vendor are new to market however have recently received an additional funding round as they have proven success in some major customers globally, backed by a p ...

  • LE040 NCC Group Security Services Limited

    Red Team Consultant

    1 week ago

    LE040 NCC Group Security Services Limited United Kingdom

    Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group. · We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals worki ...

  • Usurpo

    Red Team Engineer

    1 week ago

    Usurpo United Kingdom

    Our client provides a disruptive SaaS platform for Attack Surface Management, and Penetration testing as a service. One of the hot topics in cybersecurity, this company are growing FAST, and need to add some strategic hires within their team. Proficiency in basic scripting langua ...

  • CrowdStrike Holdings, Inc.

    Principal Consultant, Red Team

    2 weeks ago

    CrowdStrike Holdings, Inc. United Kingdom

    Principal Consultant, Red Team (Remote, GBR) page is loaded · Principal Consultant, Red Team (Remote, GBR) · Apply locations United Kingdom - Remote time type Full time posted on Posted Yesterday job requisition id R15763 #WeAreCrowdStrike and our mission is to stop breaches. As ...

  • Client Server

    Graduate Penetration Tester Red Team

    2 weeks ago

    Client Server London, United Kingdom

    Graduate Penetration Tester (Red Team) Hybrid WFH to £60kDo you have an academic record of achievement combined with an interest in Cyber Security / Penetration Testing?You could be progressing your career as a Penetration Tester at a rapidly expanding scale-up software house tha ...

  • NCC Group

    Red Team Consultant

    1 week ago

    NCC Group Bexleyheath, United Kingdom Full time

    The Opportunity · : The successful candidate will be involved in each aspect of the attack chain from social engineering and initial access, evading best-in-class EDR products, through lateral movement and achieving objectives set by the client. · Operational Security and safet ...

  • Angoka Limited

    OT/Enterprise IoT Pen Tester and Red Team Specialist

    1 week ago

    Angoka Limited United Kingdom

    OT/ENTREPRISE IOT pen tester and red team specialist · OT/Enterprise IoT Pen Tester and Red Team Specialist · Location: Belfast/London · By 2035, it is estimated that a colossal 1 trillion connected devices will be live across the globe. This introduces a new, complex web of s ...

  • Verus Recruitment LTD

    Bilingual IT Trainer Dutch or German Speaking

    3 days ago

    Verus Recruitment LTD London, United Kingdom

    Job Title: Bilingual IT Trainer (German or Dutch Speaking) · Hours: Full Time -Permanent · Location: Hybrid role with WFH and travel to clients in Europe. · **Salary**: £50,000- £60,000 (D.O.E) · We are looking for an experienced German or Dutch speaking IT software trainer from ...

  • University College London Hospitals NHS Foundation Trust

    Consultant Haematologist

    3 days ago

    University College London Hospitals NHS Foundation Trust London, United Kingdom

    This postholder will be required to take a major role in UCLH's red cell disorders team, working with colleagues in clinical and laboratory haematology at UCLH, as well as a number of partners at other organisations. The role will also include a role within the outpatient general ...

  • Red Bull

    Student Marketeer

    1 week ago

    Red Bull London, United Kingdom

    **Company Description**: · Our Student Marketeers are the face of the Red Bull brand and are our product ambassadors both on & off campus. The purpose of the role consists of three folds, approaching consumers driving positive product trial, awareness and help establish Red Bull ...

  • British Red Cross

    Institutional Programme Funding Senior Officer

    1 week ago

    British Red Cross London, United Kingdom

    **Institutional Programme Senior Funding Officer (International)** · **Location**: · **Moorfields London - Hybrid, home working or office based.** · **(Other UK locations considered)** · **Hours: 35 hours per week, Monday to Friday but we're open to flexible working** · **Contrac ...

  • Red Bull

    Sports Communication Specialist

    1 day ago

    Red Bull London, United Kingdom

    **Company Description**: · **Red Bull UK is recruiting for a Sports Communication Specialist to be based London, UK.** · The Sports Communications Specialist is responsible for playing a supporting role in all aspects of our communications plans across Sport. They will work direc ...