The Red Team Analyst is charged with providing assurance by reducing the uncertainty regarding cyber detection and defense capabilities using adversarial cyber-attack & exploitation techniques. The Red Team Analyst will plan and execute engagements that test specified threat scenarios against BP's businesses and/or internal security systems. This will involve the emulation of threat actors to discover security weaknesses in people, processes and technology. The analyst's secondary tasks will also include utilizing technical expertise (up to and including system forensics) during cyber-related investigations. This mission is critical to the protection of BP assets, our customers, the brand and shareholder value.
Accountabilities:
- Engage relevant stakeholders to develop Red Team proposals, establish execution plans, and prioritize engagement using a risk-based approach
- Execute testing utilizing the latest tactics, techniques and procedures of advanced adversaries
- Develop final report and presentations to debrief Information Security Officers, decision makers and various business stakeholders
- The role is further responsible for conducting and measuring cyber readiness and defense capability testing
- Support incident investigations with forensic analysis
Certifications, Qualifications & Experience:
- Formal education and degree in Information Security, Cybersecurity, Computer Science or similar and/or commensurate demonstrated work experience in the same.
- Well versed in system exploits (e.g. host-based controls bypass), network exploitation (e.g. scanning, evasion, MiTM, etc.), Wi-Fi hacking, mobile platform and application hacking (e.g. Android or iOS) or web application exploitation (SQL Injection, RFI, XSS, logic flaws, etc.)
- Proven experience of vulnerability assessments or penetration testing.
- Proven experience in simulating advanced cyber threats including post-compromise IOCs
- Excellent communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholder groups
- Experience in a liaison role, working with customers and third parties
- Experience in supporting fast-paced operations and working in ambiguous situations
Strong experience in information systems/security including but not limited to:
- Common application frameworks
- Operating systems (Windows, Unix, Linux), databases
- Experience with cloud services
- Strong understanding of the Cyber Kill Chain as a workflow
- Strong understanding of web technologies, e.g. HTTP, HTML, CSS, forms, database connectivity
- Full grasp and ability to articulate the "OWASP Top 10" and related concepts
- Programming and/or scripting in multiple languages: Python, Java, PHP, Ruby, Perl, Bash, or similar languages is a plus
- Membership of a technical or professional body that has confirmed an individual has reached a level of capability within a technical or professional field, or formal certification (e.g. CISSP, C|EH, GWAPT, GIAC, OSCP)