Red Team Security Lead (M/F/D)
Nord Security is a leading cybersecurity solutions provider with the product family of five advanced cybersecurity solutions: NordVPN, NordLayer, NordPass, NordLocker, and NordWL. We have one true goal - to give true online privacy and security to as many people as we can. The risk department controls everything risk-related, including secure information and applications. We collaborate to develop scripts and security automation tools to enhance application security testing processes, perform application security scans using SAST/DAST tools, ensure that mobile/desktop applications are sufficiently tested, and assist with internal and external audits.
What You Will Do
- Understand and conduct red team assessments against internal, public-facing, and cloud assets for Nord Security products;
- Create detailed engagement plans, execute operations, and emulate adversary Tactics, Techniques, and Procedures (TTPs);
- Incorporate current security trends, advisories, publications, and academic research;
- Thoroughly documenting timelines, attack paths, findings/gaps, and recommendations;
- Collaborate with service/systems owners, Group Security, SOC, and management layer to influence, prioritize, and drive the resolution of discovered security findings;
- Identify complex security vulnerabilities and build exploits.
What We Expect
- Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent and 5+ years of professional experience in cyber security or related field;
- Experience working on a remotely distributed team;
- Ability to translate complex findings into interpretable and simple outputs;
- Analytic sharpness and ability to think like a threat actor or attacker;
- Good knowledge of MITRE ATT&CK frameworkIntermediate knowledge of one or more programming or scripting languages;
- Extending or modifying exploits, shellcode, or exploit tools;
- Understanding of Unix/Linux/Mac/Windows operating systems, including bash and Powershell;
- Technical knowledge of systems in a multi-tenant, cloud environment;
- Effective written and verbal communication skills.