Ethical Hacker / Application Security Expert Red Team

Year    KA, IN, India

Job Description

Job Title:

Application Security Expert - Red Team / Ethical Hacker



Department:

Information Security / Cybersecurity



Reports To:

Group CISO



Job Summary:



The Application Security Expert - Red Team / Ethical Hacker is a critical role responsible for proactively identifying and exploiting security vulnerabilities in our software applications throughout the entire Software Development Life Cycle (SDLC). Operating as a key member of the in-house Red Team, this role will focus on simulating real-world attacks, conducting advanced penetration testing, and providing actionable intelligence to strengthen our overall security posture.



Responsibilities:



Red Teaming & Attack Simulation:



Plan and execute realistic attack simulations against our web, mobile, and desktop applications to identify weaknesses and bypass security controls.

Develop and utilize custom exploits, tools, and techniques to mimic the tactics, techniques, and procedures (TTPs) of advanced threat actors.

Conduct social engineering campaigns to assess employee awareness and identify potential vulnerabilities.



Advanced Penetration Testing:



Perform in-depth penetration tests of applications, networks, and systems, using both automated tools and manual techniques.

Identify and exploit complex vulnerabilities, including those related to application logic, authentication, authorization, and data handling.

Develop detailed penetration test reports with clear and actionable recommendations for remediation.



Secure Code Review (Offensive Perspective):



Conduct code reviews from an offensive perspective, identifying potential vulnerabilities that could be exploited by attackers.

Provide developers with guidance on secure coding practices and vulnerability remediation techniques.

Develop and maintain secure coding guidelines and checklists.



Vulnerability Research & Exploit Development:



Stay up-to-date on the latest security threats, vulnerabilities, and exploit techniques.

Conduct vulnerability research to identify new and emerging threats.

Develop custom exploits and tools to test and demonstrate the impact of vulnerabilities.



SDLC Integration & Security Advocacy:



Collaborate with development teams to integrate security testing and red teaming activities into the SDLC.

Participate in design reviews and provide security guidance on application architecture and design.

Promote a security-conscious culture within the development organization.



Vulnerability Management (Validation & Verification):



Validate and verify the effectiveness of vulnerability remediation efforts.

Retest remediated vulnerabilities to ensure they have been properly addressed.



Security Tooling & Automation (Offensive Tools):



Evaluate, recommend, and customize offensive security tools and technologies.

Automate red teaming and penetration testing processes to improve efficiency and coverage.



Required Skills and Qualifications:



Education:



Bachelor's or Master's degree in Computer Science, Information Security, or a related field.



Experience:



8+ years of experience in application security, penetration testing, red teaming, or a related field.

Demonstrable experience conducting advanced penetration tests and red team engagements.

Strong understanding of web application vulnerabilities (e.g., OWASP Top 10, SANS Top 25).

Experience with various penetration testing tools and frameworks (e.g., Metasploit, Burp Suite, Kali Linux).

Experience with exploit development and reverse engineering.



Technical Skills:



Expert proficiency in one or more programming languages (e.g., Python, Java, C, C++).

Strong understanding of web application architectures and technologies.

Deep understanding of network protocols and security concepts.

Familiarity with cloud security principles and practices (e.g., AWS, Azure, GCP).

Understanding of authentication and authorization mechanisms.



Certifications (Required/Preferred):



Offensive Security Certified Professional (OSCP) - Required

Certified Ethical Hacker (CEH) - Preferred

GIAC Web Application Penetration Tester (GWAPT) - Preferred

Offensive Security Certified Expert (OSCE) - Highly Preferred

Offensive Security Web Expert (OSWE) - Highly Preferred



Job Detail

  • Job Id
    JD3830770
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    KA, IN, India
  • Education
    Not mentioned
  • Experience
    Year