IT Red Team Specialist (One-Time Engagement)
We are urgently seeking a highly skilled Red Team IT Specialist for a critical, one-time engagement. This project focuses on stress-testing and strengthening the cybersecurity posture of enterprise IT infrastructure. You will simulate real-world cyberattacks to identify vulnerabilities, achieve initial access, conduct post-exploitation activities, and evaluate detection and response capabilities while providing actionable remediation strategies.
Scope of Work & Objectives
• Target Environments:
Enterprise IT infrastructure, including:
-Active Directory environments
-Cloud platforms (Azure/AWS/GCP)
-Web applications and APIs
-Internal networks
-Endpoints and identity systems
-OT/ICS environments (where applicable)
• Primary Objective:
Assess the organization’s overall security posture by emulating real-world threat actors, identifying security weaknesses, and evaluating detection, response, and recovery capabilities.
• Red Team Operations:
Scenario-based adversary emulation aligned with the MITRE ATT&CK (Enterprise Matrix).
• Attack Simulations:
-Initial access via phishing, payload delivery, and credential harvesting
-Active Directory exploitation (Kerberoasting, Pass-the-Hash, Golden/Silver Ticket attacks)
-Web application and API exploitation
-Lateral movement and privilege escalation
-Data exfiltration simulations
-Persistence mechanisms and command-and-control (C2) operations
-Firewall, EDR, and detection evasion techniques
Key Deliverables
-Detailed attack narrative and adversary path documentation
-Risk-based vulnerability assessment and impact analysis
-Detection gap analysis (SOC visibility & response assessment)
-Executive-level risk summary
-Tactical remediation roadmap
Required Expertise
-Proven experience in enterprise Red Team engagements
-Strong knowledge of Windows internals, Active Directory, and identity-based attacks
-Hands-on experience with C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic)
-Deep understanding of network protocols and enterprise architectures
-Familiarity with cloud security testing (Azure/AWS/GCP)
-Strong reporting experience for executive and technical audiences
Required Skills
Experience:
-5+ years of hands-on experience in Red Teaming, penetration testing, or offensive security
-Minimum 2+ years conducting VAPT specifically in OT/ICS environments
OT/ICS Expertise:
-In-depth knowledge of industrial control networks, SCADA systems, and OT security
-Familiarity with industrial protocols such as Modbus, DNP3, BACnet, OPC UA, and Profinet
Offensive Tools:
-Proficiency with Cobalt Strike, Metasploit, Empire, BloodHound, Mimikatz, Burp Suite, etc.
-Familiarity with C2 frameworks like Mythic or Sliver is a plus
Tactical Execution:
-Proven experience with AD attacks
-Advanced lateral movement techniques
-Experience bypassing firewalls, EDR, and network anomaly detection systems
Scripting/Development:
-Proficiency in Python, PowerShell, Bash, and C/C++ for exploit development and automation
Specialized Knowledge (Preferred):
-RF security
-Hardware/embedded device security
-Firmware analysis
Application Requirement
Interested candidates are requested to submit a detailed proposal or scope document outlining:
-Proposed testing methodology
-Tools and frameworks to be used
-Engagement phases and timeline
-Required access/assumptions
-Reporting structure and deliverables
-Estimated effort and pricing
Only candidates who provide a structured proposal or scope document will be considered.