Principal Security Consultant - Leamington Spa, United Kingdom - LRQA group

LRQA group

Verified Company

Leamington Spa, United Kingdom

3 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

About Nettitude
Nettitude is an LRQA Company. We've been around since 2003 and our focus has always been on excellence in cyber security.

We have teams that offer world class services in red teaming, penetration testing, threat intelligence, research and development, detection and response, governance, risk, and compliance, and plenty more.

Our business is global and so are our clients. We work closely with central banks, central and local government, critical national infrastructure, large retailers, and plenty more besides

We're an award winning provider of cyber security services and we're are at a very exciting stage of development.

We are looking for the right people to join us as we embrace the challenges thrown up by the advancements within the IT industry and within the threats faced.

Nettitude will be at the forefront of this arena and we want to seek the right people to join the team and make it happen.

Location
This role is remote. We can support working from across the UK. All applicants will require residence in the UK.

The role

To be the main focal point for the technical delivery of highly sophisticated attack simulations, while operating under legal standards, regulated frameworks and co-ordinating a mínimal risk-based approach.

A Red Team Lead is expected to be able to operate multiple engagements at once, orchestrating and supporting his teams to deliver on agreed objectives.

The lead will be expected to work in challenging environments and deliver under pressure, while maintaining good working relationships with customers.

The role focuses on a high level of competence in technical delivery but requires an equally high level of aptitude for consultancy and management, influence, and presentation skills.

A Red Team lead will be required to manage and mentor people while working with and debriefing executive teams, company boards or regulators such as the Bank of England (BoE) and Financial Conduct Authority (FCA).

What we're looking for

We are looking for the right individuals to engage in top tier red teaming, with experience in any of the common regulated frameworks (CBEST, GBEST, GCASE, TBEST, TIBER-EU, C-RAF iCAST, AASE, TIBER-FI, CORIE, FEER).

The ability to perform under pressure, simulating highly technical tactics, while executing in heavily monitored environments.
A willingness to occasionally work unsociable working hours attackers don't just work 95 and sometimes we need to replicate that.
Strong knowledge of the cyber kill chain and common tactics, techniques and procedures often employed by a variety of threat actors.
A good understanding of how a typical blue team operates.
You will be enthusiastic and able to work well within a high performing team as well as perform to a high standard autonomously.
You will have an in depth understanding of risk.
The ability to write and deliver high quality reports.
A thirst for research and being at the cutting edge of the industry.

What you'll be doing in your role:

Plan and execute complex Red and Purple team engagements, Penetration tests and Social Engineering Assessments.
Take ownership for continued improvement of both the reporting templates and the mentorship of others not achieving high quality reports.
Deliver both technical and management debriefs, up to executive level.
Support, contribute to and deliver a number of Nettitude training programmes, namely Nettitude's Red Team training course, delivered privately and at conferences.
Maintain a good working knowledge of Blue team tactics/capabilities, specific to people, processes and technologies. Support and delivery Detection and Response (DRA) assessments and reports where necessary.
Maintain a good working knowledge of threat actors and their Tactics, Techniques and Procedures (TTP's).
Assist Project Delivery in planning and arranging Red team activities, assigning personnel and managing workloads.
Coordinated delivery of Red Team risk workshops, Threat Intelligence handover and project setup meetings with customers.
Create robust and coherent test plans, or provide quality assurance of any test plans.
Support the Global Red Team operation by being able to travel both domestically and internationally, while operating in multiple time zones where necessary.
Maintain a proficient knowledge of regulatory frameworks, laws and there legal implications, operational security and its impacts on the team.
Carry out or support technical research that increases Nettitude's delivery capability and industry awareness.
Support the sales team in procurement of red team services:
Responding to RFP's and other proposals.
Presales to support the effective communication of the red team service and set appropriate expectations.
Onsite presentation of red team service to executive level audiences.
Regular training provided to the sales team to upskill the knowledge of the red team service and c