Red Team Specialist

Full time
Competitive
Locationlondon Calendar14/05/2018   Full time Competitive

Red Team Specialist

 

Location: London

 

Aviva is an international insurer with over 33 million customers, and a leader in digital insurance. To keep the firm and customers secure, the Aviva cyber security strategy is transitioning from a compliance focus to building and applying a deep understanding of the threats facing our businesses.

 

Our team develops and delivers technical attack scenarios that stress-test Aviva security decisions and drive improvement in the capability to prevent, detect, and respond to cyber events. We are growing to meet business demand and are looking for a talented and enthusiastic red team specialist to join the team. The work requires initiative, creativity, and technical expertise.

 

In this role, you will be supporting all aspects of the Aviva Red Team operation and development. You will conduct independent research and work with Aviva Threat Intelligence to keep abreast of current threats, attack techniques, and detection and response methods, contributing to the definition of Red Team scenarios. You will participate in or lead on delivering the scenarios in practice and collaborate with colleagues across Security Operations and the CISO community worldwide on understanding scenario implications and driving remediation.

 

You will have an opportunity to actively shape the direction of the team, conduct independent technical security research, and build your professional network and skills along the way.

 

Duties & Responsibilities

  • Development and execution of scenario-based technical security assessments
  • Handling research and assurance requests from other teams
  • Identification and reporting of opportunities for improvements in the tooling, team knowledge and skills, and the overall service

 

Key performance indicators

  • Delivery of the Red Team plan and supporting operational tasks
  • Measurable contribution to the Aviva capability to prevent, detect, and respond to cyber events, through delivery of insightful observations, pragmatic recommendations, and remediation support
  • Positive feedback from key stakeholders

 

Skills & Experience required

  • Working knowledge of the red team engagement lifecycle
  • Ability to accurately interpret Threat Intelligence to form realistic simulated attack scenarios
  • Working knowledge of Cyber Defence and threat hunting
  • Familiarity with the kill chain concept and its application
  • Broad knowledge of offensive and defensive cyber techniques
  • Hands-on experience with network mapping, target enumeration, exploitation, access escalation, and data exfiltration techniques
  • Good knowledge of security administration processes and tooling
  • Awareness and practical experience of scripting languages that may be required in automating and enabling the process of real word testing on common Windows and Unix based platforms
  • Ability to develop and deliver social engineering scenarios
  • Ability to deliver technical assessments both with and without commercial tools
  • Experience engaging with all levels of management and communicating complex technical issues to a wide range of audiences and technical competences
  • Excellent written skills

 

Qualifications

  • Recognised technical security certifications and academic degrees desirable, but not essential (Information Security Degree, CREST, Offensive Security certifications)

 

What will I get from this role

  • Salary: Competitive, dependent on skills & experience
  • Generous defined contribution pension scheme
  • Annual performance related bonus and pay review
  • Minimum holiday allowance of 29 days plus bank holidays and the option to buy/sell up to 5 additional days
  • Up to 30% discount for some Aviva products through “My Aviva Extras” plus discounts for Friends and Family
  • Excellent range of flexible benefits to include a matching share save scheme

 

Additional Information

 

Bring to Aviva what makes you different and we’ll support you to do the best work of your life. We encourage applications from everyone who wants to help us achieve our purpose of helping our customers to Defy Uncertainty.

 

One of Aviva’s core values is Care More, and this is brought to life through the flexible ways we like to work. This may include working from home some of the time, or flexible work schedules to accommodate parent and carer responsibilities, further studies and hobbies.

 

We prefer all applications to be submitted online, however if you require an alternative method of applying please contact Alex Stumpo in the Resourcing team at alex.stumpo@aviva.com