Cyber Security Engineer

About the company we're hiring for Currently:

The company is an AI fintech platform revolutionizing the music industry by providing private equity tools for music.

About the Role

We are looking for an experienced Red Team Cyber Security Expert to join our security team and play a crucial role in identifying, exploiting, and reporting vulnerabilities across our IT infrastructure. As a Red Teamer, you will conduct advanced penetration tests, adversary simulations, and social engineering assessments to improve our overall security posture. You will collaborate with Blue Teams and security stakeholders to enhance our cyber resilience against sophisticated cyber threats.

Key Responsibilities
Offensive Security Testing:

• Conduct full-scope penetration testing of networks, applications, cloud environments, and physical security.
• Simulate Advanced Persistent Threats (APT) and real-world cyber attack scenarios.
• Develop and execute social engineering campaigns (phishing, vishing, and physical security assessments).

Adversary Emulation & Exploitation:

• Utilize Tactics, Techniques, and Procedures (TTPs) from frameworks like MITRE ATT&CK to mimic real-world attackers.
• Perform network and application exploitation using tools like Metasploit, Cobalt Strike, and Empire.
• Create and customize malware payloads, scripts, and attack simulations.
• Stay ahead of the latest zero-day vulnerabilities, exploit techniques, and hacking trends.
• Research and develop custom exploits, evasion techniques, and post-exploitation tactics.
• Identify weaknesses in authentication, access controls, and privilege escalation mechanisms.
  
• Work closely with the Blue Team to improve Detection & Response (EDR/XDR, SIEM, and SOC) capabilities.
• Provide detailed reports on vulnerabilities, including proof-of-concept (PoC) exploits and remediation recommendations.
• Assist in Red vs. Blue Team exercises and Purple Team collaborations.
  

Key Skills & Requirements

• Strong knowledge of network security, web applications, cloud platforms (AWS/Azure/GCP), and Active Directory attacks.
• Hands-on experience with penetration testing tools like Kali Linux, Burp Suite, Blood Hound, Metasploit, Cobalt Strike, and Mimi Katz.
• Scripting/programming skills in Python, Bash, PowerShell, C, or Assembly for exploit development.
• Familiarity with bypassing EDR/XDR solutions and staying stealthy in engagements.

Security Methodologies & Frameworks:

• Deep understanding of MITRE ATT&CK, NIST 800-53, OWASP Top 10, and Cyber Kill Chain.
• Experience conducting Red Team operations in Windows and Linux environments.
• Ability to evade Intrusion Detection Systems (IDS), firewalls, and endpoint protections.

Soft Skills:

• Strong analytical and problem-solving skills.
• Ability to think like an attacker and adapt to evolving threats.
• Excellent communication and report-writing skills.

Preferred Qualifications & Certifications (Not mandatory but a plus)

• OSCP (Offensive Security Certified Professional)
• OSCE (Offensive Security Certified Expert)
• CRTP (Certified Red Team Professional)
• CRTE (Certified Red Team Expert)
• GXPN (GIAC Exploit Researcher and Advanced Penetration Tester)
• CISSP (Certified Information Systems Security Professional)
• CEH (Certified Ethical Hacker) with practical experience

Other Details:

Experience: 3+ years
Salary: Market Completive
Location: Lahore (on-site)

Timings: Monday to Friday 11:00 AM and 07:00 PM (Full-time)

Apply at: jobs@hrways.co (not com)

About HR Ways:HR Ways is an award-winning Technical Recruitment Firm helping software houses and IT Product companies internationally and locally to find IT Talent. HR Ways is engaged by 300+ Employers worldwide ranging from the world's biggest SaaS Companies to the most competitive Startups. We have entities in Dubai, Canada, the US, the UK, Pakistan, India, Saudi Arabia, Portugal, Brazil, and other parts of the world. Join our Whatsapp Channel https://shorturl.at/983az to stay updated or visit www.hrways.co to know more.