Bulletproof are looking for a new Red Team Specialist to join its growing dedicated Red Team. As a Red Team Specialist within Bulletproof you will be expected to deliver advanced simulated attack engagement to clients across numerous industries. You will be a part of every phase and aspect of Red Team delivery, from initial access to tailored impact scenarios. At Bulletproof we use a blend of cutting edge commercial and internally developed tooling to deliver our engagements. Innovation and a drive to deliver the best possible results for our clients is at the core of everything we do.

Responsibilities

You will act as one of or the sole delivery resource for Red Team engagements at Bulletproof. You will be expected to deliver, full red team engagements, purple teams, assumed breach engagements and look to achieve the required accreditations to join work on regulated projects in the future. You should be able to work independently and as part of a small team, following framework guidance and internal methodologies to deliver complex and bespoke red team engagements. Your responsibilities will include:

• Delivering comprehensive red team operations by serving as the either the primary technical operator or one of a team on both threat intelligence-driven and standard adversarial engagements, where you'll be required to follow scenario execution plans, manage your resources and timelines, and make critical technical decisions that drive successful outcomes in complex, high-stakes environments.
• Leverage deep technical expertise in operating systems, network architecture, and infrastructure fundamentals to execute sophisticated attack chains and navigate complex enterprise environments during red team operations.
• Collaborate with external teams to deliver training and insights to enhance blue team capabilities, which requires in depth understanding of current tools and techniques, not just how to run them.
• Help define, document, and continuously refine internal technical processes, service methodologies.
• Contribute to ongoing tool development and research actions to help enhance our team capabilities and support the wider community where possible.
• Support with various client pre-engagement interactions, including scoping activities and proposal drafting;
• Provide well-written, concise, technical and non-technical reports in English;
• Develop and deliver in house training where required;
• Support the Marketing team with the development of content (including, but not limited to: Blogs, Social Media Posts, and Articles) to help raise the profile of Bulletproof's Penetration Testing and other services;
• Support the QA process to ensure high quality client reports are delivered in accordance with applicable Service Level Agreement (SLA);
• Perform formal and comprehensive penetration testing assessments if required;
• Any other appropriate job duties in line with the associated skill and experience of the post holder.

Skills, experience & Qualties required

• Be a UK citizen with a right to work in the UK, we are currently not accepting applications outside of the UK or considering visa sponsorship.
• We are looking for someone to join the team and help us drive the service forward from the start, therefore a minimum of 2 years proven prior experience delivering Red Team engagements is essential.
• Strong technical skills within your given specialism(s) e.g. Initial Access, EDR Bypass, Cloud Exploitation, Malware & Exploit Development etc.
• Motivated, able to collaborate, work as part of a team or independently and communicate to clients clearly.
• For UK operations, the ability to hold or maintain security clearance may be required
• Knowledge of how modern offensive and defensive solutions are designed and deployed across different platforms;

Highly valuable skills

• Experience operating on Red Teams within the regulated sector under frameworks such as TIBER-EU/DORA or STAR.
• Strong coding abilities in your preferred language ideally C/C++, GO, Rust, or python.
• Deep knowledge of C2 frameworks and supporting approaches such as operational security and extending functionality on both commercial and open-source frameworks.
• Proven track record of tool development or contributions to open-source projects.
• Deep technical familiarity with offensive and defensive concepts and protocols.
• Extensive understanding of MITRE ATT&CK framework, and various security frameworks associated with red teaming such as TIBER-EU.

Qualifications

Any of the following qualifications are preferred.

• Recognised Red Team specific qualifications such as CCSAS/CCRTS, CRTO, CRTL, OSED, OSCE, CRTM/PACES
• GXPN, GPEN, OSCP, GWAPT or similar certifications may also be considered

Personal Attributes

• Excellent spoken and written communication skills with strong attention-to-detail and accuracy;
• A passion for security and networks;
• Analytical and problem-solving skills with a can-do attitude and the ability to think laterally;
• Self-motivation with a commitment to continued development;
• Ability to work independently and as part of a team;
• Influencing and negotiation skills with the ability to build relationships at all levels;
• Willingness to learn.

Benefits

• 25 days annual holiday;
• An additional day’s annual holiday for your birthday;
• Company Pension contribution;
• Generous uncapped bonus scheme;
• Subsidized gym membership;
• Perkbox employee benefits platform;
• Frequent team events;
• Relaxed working environment;
• Private Healthcare (individual cover only);
• Financial support to study for and achieve additional red team qualifications;
• Additional Learning Allowance Benefit – a reimbursable benefit of £100 per annum (or equivalent) for you to spend towards your personal career development;
• Flexible working policy.

Company Overview

Bulletproof’s innovative cyber security & compliance services are the best way to stay ahead of the hackers, manage risk, and protect your critical business data. Bulletproof’s core belief is driving innovation through our range of services to deliver true value. We operate in the UK market as Bulletproof, and internationally via our sister brand Target Defense.

Bulletproof’s services are split across three core areas:

• Cyber Security
• Data Protection
• Information Security

Key to our success is our friendly and knowledgeable staff, across service delivery and internal teams. We deeply value our team and make sure everyone’s experts in their individual disciplines, holding relevant qualifications and certifications.

Please note that as part of the recruitment process a criminal records check will be carried out by an authorised third party.