Adversary Emulation (Red Team Operator)

Role Overview:

Your primary responsibilities will include conducting sophisticated red teaming exercises including recreating advanced attacks, often unannounced, involving evasion of multiple layers of defenses and involving testing of the SOC’s procedures, penetration tests, developing threat simulation methodologies, and identifying vulnerabilities before they can be exploited. Working closely with cross-functional teams, you will help enhance our defensive mechanisms and contribute to a culture of security awareness. Your expertise will ensure that McAfee’s workforce is safeguarded against emerging security threats, maintaining our commitment to creating a secure operational environment.
This is a remote position; however you may be required to be onsite at our Bangalore office on as-needed basis.

About the Role:

• Conduct advanced adversarial emulation and penetration testing to uncover vulnerabilities and assess the effectiveness of our defenses.
• Alternate operations between full unannounced red team, purple team and traditional penetration testing scenarios.
• Design and implement complex attack simulations to mimic sophisticated threat actors, staying ahead of current threat landscapes, automating where possible.
• Work with the SOC to collaborate on the creation of indicators of compromise (IOCs) and contribute to the enhancement of defensive strategies.
• Engage with cross-functional teams to address and resolve security issues and ensure compliance with security policies or discuss having these upgraded if necessary.
• Advocate for and implement additional security measures to address current and anticipated security challenges.
• Prepare detailed reports and debriefs on Red Team activities, presenting findings and recommendations to technical and non-technical audiences alike.

About You:

• Looking for 3 to 5 years relevant experience in Red Team operations and traditional penetration testing.
• Microsoft Active Directory environments within hybrid, multi-cloud organizations.
• C2 frameworks such as Cobalt Strike, Havoc, Sliver, Mythic, etc.
• Dev/automation, threat modelling, TTPs, and offensive security frameworks such as MITRE ATT&CK.
• Excellent communication skills with the ability to explain complex security issues and their implications in an appropriate fashion to a variety of stakeholders from executive leadership team to legal executives, to technical employees implementing the fixes and anything in between.
• Initiated and led projects that improve security postures through innovative approaches and advanced security technologies.

#LI-Hybrid

Company Overview

McAfee is a leader in personal security for consumers. Focused on protecting people, not just devices, McAfee consumer solutions adapt to users’ needs in an always online world, empowering them to live securely through integrated, intuitive solutions that protects their families and communities with the right security at the right moment.

Company Benefits and Perks:

We work hard to embrace diversity and inclusion and encourage everyone at McAfee to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

• Bonus Program
• Pension and Retirement Plans
• Medical, Dental and Vision Coverage
• Paid Time Off
• Paid Parental Leave
• Support for Community Involvement

We're serious about our commitment to diversity which is why McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.