Job Description
Offensive Security Lead-Hybrid Established in 2013 and now based in Blackrock, the Dublin Technology Centre delivers best in industry infrastructure and security services across the Zurich Insurance Group. Whether it's with one of our core capabilities such as Cyber Security, or working with our Cloud or Crowdsourcing teams, our customers are our priority. We work hard to deliver our services excellently with our unique talent. We are committed to working with the best and brightest people from the broadest talent pool possible. We believe a diversity of ideas fosters innovation and engagement, allows us to attract the best people, and to develop the best products, services and solutions. Qualified individuals from all walks of life are encouraged to apply. Zurich Dublin Technology Center is looking for an Offensive Security Lead to join the existing internal Red Team which emulates real-world attacks by conducting targeted operations that emulate the tools, tactics, and procedures (TTPs) of threat actors. Lead research with the goal of developing new TTPs improving attack efficacy and assist with defensive efforts. Partner with other teams in the Cyber Fusion Center (CFC) to develop tooling and instrumentation to improve our detection and response capabilities. The Red Team also interacts with our Incident Responses teams in Purple Team exercises to expand detection capabilities. Your Role As a Offensive Security Lead your main responsibilities will include, but not necessarily be limited to, the following: Conduct and/or support authorized adversarial emulations on enterprise network assets. Create reports and recommendations from findings, include issues uncovered and levels of risk. Collaborate with other internal and external partner organizations on target access and operational issues. Create comprehensive exploitation strategies that identify exploitable technical or operational vulnerabilities. Your Skills & Experience As an Offensive Security Lead your skills and qualifications will include: 3-5 Years planning, leading, or conducting Red Team operations Expertise with commodity and advanced threat actor TTPs. Capacity to relate findings of offensive engagements to both executive and technical audiences. Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities. Knowledge of evasion strategies and techniques. (A/V, WAF, NGAV, EDR, etc.) Develops, creates, maintains, and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs. Experience with red teaming and covert computer exploitation Experience with malware development. Experience building, deploying, and managing offensive security operational infrastructure Knowledge of Unix/Linux and Windows operating systems structures and internals (e.g., process management, directory structure, installed applications). Experience with leveraging open source penetration testing tools including Metasploit or the Kali Linux tool set. Experience working in a Purple Team environment testing and building detections. Experience with common command and control and post-exploitation frameworks (Cobalt Strike, Mythic, Covenant, Metasploit etc.) Conducted Open source intelligence gathering and social engineering Ability to work independently, as well as within a global group of contributors. Demonstrated ability to learn and apply critical thinking to a variety of situations. One of more of the following certifications: OSCP, OSEP, OSCE, OSWE, GPEN, GXPN and/or CRTO Additional Information Primary work location is Blackrock based but occasional travel may be required to other Zurich locations. If you value an exciting and varied working environment and meet the above requirements, then our recruiter is looking forward to receiving your application by clicking on the button "Apply online". If you value an exciting and varied working environment and meet the above requirements, then we are looking forward to receiving your application. This role may be available both part or full-time. Please discuss with us the flexibility you may require. Who we are Zurich is one of Ireland's leading insurance companies providing a wide range of general insurance and life insurance products and services. The company employs over 1,000 people across its locations in Dublin and Wexford. Zurich is a strong brand - with our 53,000 employees worldwide form the basis of our success, helping our customers in 210 countries and territories to understand and protect themselves from risk. In order to deliver our services, we offer our employees flexible working models and interesting opportunities for further training & development. As a Zurich employee you benefit from a multitude of advantages as well as a strong culture, characterized by acceptance, diversity and team spirit. At Zurich, we foster a culture of diversity and inclusion. Our purpose and values are designed to protect, inspire confidence and help our employees reach their full potential. We value and defend what is right and promote opportunities for equity among our professionals, regardless of gender, disability, LGBTQ +, race, ethnicity, generations, belief, etc. Join Zurich and be part of this culture. Together we are committed to delivering on our purpose - Let's Create a Brighter Future Together!