Vous êtes unique, comme le sont votre parcours, votre expérience et votre façon de voir les choses. Ici, on vous encourage et on vous motive à donner le meilleur de vous-même, et on vous donne les moyens de le faire. Vous travaillerez avec des collègues dynamiques – experts dans leur domaine – qui sont impatients de partager leurs connaissances avec vous. Vous aurez des gestionnaires inspirants qui vous aideront à développer votre potentiel et à atteindre de nouveaux sommets. Chaque jour, vous aurez de nouvelles occasions de rendre la vie de nos Clients plus radieuse – ils sont au cœur de tout ce que nous faisons. Découvrez comment vous pouvez faire une différence dans la vie des gens, des familles, des collectivités – ici et partout dans le monde.
De scription de poste :
Position Summary:
The primary objectives for the Information Security team are to protect confidential and sensitive information and to maintain operational stability resulting from cyber-attacks. Offensive Security (Red Team members) contribute to these objectives by performing assessments that proactively identify security exposures within the Sun Life environment that go beyond the realm of traditional penetration testing. A successful senior red team operator, specializing in offensive security, must possess a diverse set of competencies to effectively simulate cyberattacks and identify vulnerabilities within an organization's systems. Firstly, a deep understanding of various attack vectors and techniques is essential, including knowledge of malware, social engineering, and exploit development. Additionally, proficiency in network and application penetration testing is crucial for identifying weaknesses in infrastructure and software. Strong analytical skills are necessary to assess risks and prioritize targets accurately. Effective communication skills are vital for conveying findings and recommendations to stakeholders. Finally, adaptability and creativity are indispensable traits for devising innovative attack strategies and staying ahead of evolving threats in the cybersecurity landscape.
What you will do
The essential functions and responsibilities of this position include but are not limited to the following:
- Plan, carry out, and report on Red Team assessments, attack simulations and adversary emulation exercises to identify vulnerabilities in critical information systems.
- Perform network penetration, web and mobile application testing, source code reviews, threat analysis, and social engineering assessments.
- Develop scripts, tools, and programs for Red Team operations.
- Manage, maintain, and improve an OPSEC-focused state-of-the-art command-and-control (C2) red team cloud environment (AWS, Azure, GCP ,Digital Ocean)
- Assist with and develop security control evasion and bypass capabilities.
- Work with other parts of the business to develop a method for testing detection capabilities through Purple Team Exercises and Red Team exercises (e.g., IA scenarios, AB scenarios etc.)
- Research latest threats and adhere to guidelines on Red Team Frameworks
Assist in the production of weekly/ monthly reports on security vulnerability trending and direction.
-
Position Requirements and Qualifications:
- 5-7 years’ experience in an offensive security / penetration testing role.
- University degree in computer science, computer engineering or computer security.
- Strong, demonstrable experience in offensive security programming and automation languages: C, C++, ASM, C#, JavaScript, PowerShell, Rust, Nim etc.
- Minimum 2 years mentoring junior and mid-level operators on red team tradecraft
- Minimum 4 years of experience in delivering technical red team reports and briefings
- A general understanding of information security concepts and security trends and practices
- Problem solving with creative solutions.
- Maintain high technical knowledge of systems and solutions.
- Industry certifications (OSCP/SANS/CEH/CISSP, CPTS) are a strong asset.
- Understand operation systems (OS), network protocols, application configuration with excellent report-writing skills.
- Strong communication and presentation skills
Preferred knowledge or qualifications in the following:
- Experience in leading grey/black hat engagements from start to finish.
- Network, Application or Mobile Penetration testing experience.
- Experience in reverse engineering (including x86)
- Offensive Security tooling experience: Cobalt Strike, EDR Evasion, Social Engineering platforms, Malware techniques, Custom tooling, and pipeline development.
- Proficient in Active Directory exploitation (On-Prem and Cloud)
- Related projects in cybersecurity, programming, etc.
- OSINT (Open-source intelligence gathering)
- Social engineering techniques and tactics
- Défense in depth security concepts including MITRE framework.
- IaaS and SDN Cloud Environments (AWS, Azure, Digital Ocean)
- Interpreted languages (Ruby, Python, PHP, etc.)
- Compiled languages (Java, C, C++, Assembly, etc.)
- Windows/Linux/UNIX/OSX internals
Salary Range: €62,200 - €93,300
At our company, we are committed to pay transparency and equity. Your actual base salary will be determined based on your unique skills, qualifications, experience, and education. In addition to your base salary, this position is eligible for a discretionary annual incentive award based on your individual performance as well as the overall performance of the business. We are dedicated to creating a work environment where everyone is rewarded for their contributions.
Catégorie d'emploi :
Services technologiques - TI
Fin de l'affichage :
28/08/2026