Threat Intel Purple Team Engineer
About the position
Responsibilities
• Operationalizing Purple Team and Breach and Attack Simulations.
• Developing adversary simulation plans that align with MITRE ATT&CK by incorporating cyber threat intelligence.
• Lead Purple Team initiatives designed to evaluate and enhance defensive capabilities by collaborating with partners to execute relevant Tactics, Techniques, and Procedures.
• Configuring and safely utilizing attacker tools, tactics, and procedures for Verizon environments.
• Automating the creation of TTPs, and assisting offensive security assessment operations in support of Blue and Red Teams.
• Continuously enhancing the organization's security posture by sharing knowledge and expertise with other security team members.
• Developing and delivering presentations and reports to technical and executive audiences.
• Communicating findings and strategies to stakeholders.
• Providing risk-appropriate and pragmatic recommendations to correct found vulnerabilities.
• Providing leadership and guidance to advance the offensive capabilities of the team and its subsequent ability to defend the Verizon Enterprise.
Requirements
• Bachelor's degree or four years or more experience.
• Four or more years of relevant work experience.
• Two or more years of hand-on experience operating enterprise Breach and Attack Simulations solutions.
• Experience with Purple Team automation and tooling.
• Knowledge of adversary tactics, MITRE ATT&CK and knowledge of real attackers behaviors.
• Shell scripting or tasks automation skills using languages such as Python, Powershell, or Bash.
Nice-to-haves
• A technical field degree.
• Strong understanding of offensive and defensive security principles and practices.
• Background in intrusion detection, threat hunting, security investigations, and incident response.
• Familiarity with blue team technologies, including EDR, NDR, SIEM, data sources, and threat hunting.
• Experience with Cyber Threat Intelligence.
• Familiarity with logging and security controls for cloud technologies, including AWS, Azure, and GCP.
• Proficiency with security tools, including C2 frameworks.
• Exploit, shellcode, or exploit tool development, extension, or modification experience.
• Active directory security skills.
• Profound knowledge of covert channels, network protocols, and data on the wire.
• Proficiency with bash and Powershell, and expertise in Unix/Linux/macOS/Windows operating systems.
• Demonstrated experience in Capture the Flag (CTF) competitions.
Apply tot his job
Apply To this Job