Principal Information Security Engineer - RedTeam Cyberops
About the role:
As the Principal Information Security Engineer, you will be a member of a small team of “Ethical Hackers”. You will be planning, designing, building and running Red Team Cyber Operations such as: Red/Blue team exercises, breach attack simulations (BAS), DDoS attack simulations, acquisition of new exploits to support the vulnerability management program (TVM), recon of DHL’s infrastructure and artifacts on the internet, social engineering attacks against DHL employees, research and simulations of selected cyber adversaries’ TTPs (tools, tactics, processes) within the DHL environment, tests of point security controls and attack techniques (MITRE ATT&CK), and others.
The Cyber Defense Center Red Team is part of an adaptive, integrated and intelligence-driven function which, in relation to cyber-attacks, provides a range of predictive, prevention, detection and response services to DHL Group. The Red Team works closely with CDC 24/7 Monitoring, the CDC Incident Response Team (CSIRT), and Security Engineering teams.
Your KEY objective is to keep DHL IT operations running by continuously testing security breach prevention and detection controls and reporting on improvement opportunities. Your mission is to continuously increase DHL’s resilience to emerging cyber-threats and vulnerabilities.
What will you do:
• Plan, design, coordinate, execute and provide feedback on Red Teaming Cyberops.
• Conduct breach attack simulations (manual and automated) against selected DHL assets.
• Design, develop and/or contract DDoS simulations / attacks against DHL infrastructure.
• Develop or acquire exploits to test new vulnerabilities and their mitigation countermeasures’ effectiveness.
• Research specific cyber threats and simulate selected TTPs (tools, tactics and processes) within the DHL environment.
• Conduct continuous recon of DHL infrastructure and specific artifacts from outside and/or inside of DHL network.
• Conduct analysis of DHL’s adversaries’ cyber infrastructure, and subsequently report for takedown.
• Plan and execute social engineering attacks against DHL employees.
• Test the capability of SIEM and other technologies to detect specific attacks (e.g. MITRE ATT&CK framework).
• Support the security incident response function in selected situations: test prevention and containment countermeasures, validate exposure, hunt for specific artifacts, and other.
• Support CDC Security Analysts’ training and development program by running demonstrations, workshops and Red/Blue team exercises.
You should have:
• Passion for information security, a continuous learning mindset and a problem-solving attitude.
• Ability to cope with fast-changing situations and to keep calm and stay focused during major situations.
• Solid experience in Penetration Testing, “white hacking” and Red Team concepts.
• Very good programming language skills (e.g. Python, Shell, PowerShell, CSharp) and system administration capabilities (to run RT infrastructure).
• Very good understanding of common cyber attack techniques and principles, e.g. MITM, Cyber Kill Chain, MITRE ATT&CK framework.
• Very good understanding of Distributed Denial of Service (DDoS) attack techniques and of Internet / network protocols in general.
• Very good experience in Information Security Incident Response management (ISIRT/CSIRT).
• Very good understanding of Intrusion Prevention Systems (IPS on host and network level), EndPoint Protection Platform (EPP), EndPoint Detection and Response (EDR) and Security Information and Event Management (SIEM) solutions.
• Good understanding of the Information Security common body of knowledge, e.g. ISC2, SANS, ISO270xx, OWASP.
• Good understanding of Threat and Vulnerability Management (TVM) practices.
Nice to have:
• Good understanding of Continuous Improvement framework.
• Understanding of Threat Intelligence Platform (TIP) and Incident Response Platform (IRP) concepts.
• Understanding of Enterprise Security Architecture principles.
• Understanding of Project Management (PM) and IT Infrastructure Library framework (ITIL).
• Understanding of Identity and Access Management (IAM), Web Application Security (WAS) and/or Cloud Security.
• SANS, CISSP certifications and trainings.
What we offer:
• Great team of IT professionals and possibility of technical development
• Modern offices in Chodov
• Home office possibilities
• Permanent contract
• Company Car, Pension plan contribution, Long-term Sickness Insurance
• CAFETERIA employee benefit program with wide selection of benefits from Edenred
• Extra week of holiday (25 days/year), 6 Self-sickness days/year, Full salary compensation for up to 10 days absence due to illness per calendar year, Lunch vouchers fully covered by company
• Multisport card, mobile and laptop, fruit days, sport clubs for employees, Referral program…
For more details feel free to contact firstname.lastname@example.org.
Facts and figures
DHL Information Services (Europe) s.r.o.
“Deutsche Post DHL offers me security, the chance to develop further, and the opportunity to work in almost every country in the world.”
Current employee – Senior Consultant in Bonn