NetWitness Red Team Analyst
Primary Location: Milano Marittima, Italy
NetWitness Red Team Analyst:
As one of the most established cybersecurity companies in the world, we at NetWitness are hard at work every day helping our customers and partners better protect their organizations from cyberattacks. Our products and incident response services are used within most large enterprises, governments and militaries for incident response and threat hunting. Our Sales Professionals, Sales Engineers and Professional Services Consultants design and deliver solutions for potential and existing customers to enable better visibility, insight and action to prevent and defend against attacks. NetWitness provides the unique ability to provide one single platform with a unified view across all attack surfaces including Network, Logs/SIEM, Endpoint and IoT combined with our AI-based User and Entity Behavioral Analysis (UEBA) and Security, Orchestration, Automation & Response (SOAR) capabilities.
Are you interested in a career on the white side of the cybersecurity spectrum? Netwitness can give this opportunity.
As one of the most established cybersecurity companies in the world, we at NetWitness are hard at work every day helping our customers and partners better protect their organizations from cyberattacks.
Our products and incident response services are used within most large enterprises, governments and militaries for incident response and threat hunting.
As a part of the Netwitness Incident Response team (NWIR) the Red Team is working closely with our customers to proactively assess their Cybersecurity awareness and their readiness to face incumbent and sophisticated actors.
As a Red Teamer, you’ll be faced with complex problem solving opportunities and hands-on testing opportunities on a daily basis. You will work closely with the Threat Intel team and the rest of the IR practice to provide most valuable and comprehensive testing mimicking real world attackers.
You are expected to quickly assimilate new information as you will face new client environments on a weekly or monthly basis. You will be expected to understand all the threat vectors to each environment and properly assess them. You will get to work with some of the best cybersecurity analysts in the industry, causing you to develop new skills as you progress through your career.
Responsibilities include, but are not limited to:
- Perform network and infrastructures compromises on a regular basis, leveraging on tools collected from real incidents, but modified or adapted to safe testing.
- Study and apply attacker tactics and procedures based on our framework and the MITRE ATT&ck framework.
- Develop scripts, tools, or methodologies to adapt our practice to the testing goals
- Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
- 3 years' experience in at least three of the following:
- Network penetration testing
- Web application assessments
- Shell scripting or automation of simple tasks using Perl, Python, or Ruby
- Developing, extending, or modifying exploits, shellcode or exploit tools
- Developing applications in C#, ASP, .NET, ObjectiveC, Go or NEST languages
- Reverse engineering malware, data obfuscators, or ciphers
- Source code review for control flow and security flaws
- Strong knowledge of tools used for web application, and network security testing
- Thorough understanding of network protocols, data on the wire, and covert channels
- Mastery of at least one between the following Operating Systems:
RSA is committed to the principle of equal employment opportunity for all employees and applicants for employment and to providing employees with a work environment free of discrimination and harassment. All qualified applicants will receive consideration for employment without regard to race, color, and any other category protected by applicable country law.
If you need a reasonable accommodation during the application process, please contact the RSA Talent Acquisition Team at firstname.lastname@example.org. RSA and its approved consultants will never ask you for a fee to process or consider your application for a career with RSA. RSA reserves the right to amend or withdraw any job posting at any time, including prior to the advertised closing date.Job ID: REDTE003331