Senior Cloud Consultant- Red Team Job in Mandiant

Senior Cloud Consultant- Red Team

Apply Now
Job Summary

Company Description

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

Job Description

A successful Cloud Red Team consultant at Mandiantshould possess a deep understanding of both information security and computer science. They should understand basic concepts such as cloud networking, identity and access management, console, applications, functions, and other functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealth-focused operations. This is not a press the pwn button type of job; this career is technical and challenging with opportunities to work in some of the most exciting areas of security consulting on extremely technical and challenging work. A typical job could be breaking into a web application hosted in the cloud, accessing sensitive information or compromising the environment, all without being detected. If you can exploit at scale while remaining stealthy, identify and exploit misconfigurations in cloud infrastructure, parse various types of output data, present relevant data in a digestible manner, think well outside the box, or are astute enough to quickly learn these skills, then you re the type of consultant we re looking for.

At Mandiant, you ll be faced with complex problem-solving opportunities and hands-on testing opportunities on a daily basis. We help our clients protect their most sensitive and valuable data through comprehensive and real-world scenario testing. The objective doesn t end at gaining global admin or root ; this is expected and is only the starting point.

You are expected to quickly assimilate new information as you will face new client environments on a recurring basis. You will be expected to understand the applicable threat vectors for each environment and assess them properly. You will get to work with some of the best red teamers in the industry, enabling you to develop new skills as you progress through your career. Are you up to the challenge?

Responsibilities:

  • Perform cloud penetration testing, red teaming, remediation activities, and threat analysis assessments
  • Developcomprehensiveand accurate reports and presentations for both technical and executive audiences
  • Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
  • Recognize and safely utilize attacker tools, tactics, and procedures
  • Develop scripts, tools, or methodologies to enhance Mandiant s red teaming processes
  • Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff

Qualifications

  • 2-3years experience in the following:
    • Azure, AWS, GCP, and Kubernetes
    • Strong knowledgeof IAM, VPCs, Storage containers, Databases, Functions, Logging, APIs, etc.
    • Cloud penetration testing and manipulation of cloud network infrastructure
    • Cloud architecture design
    • Development and usage of Terraform, Docker, Ansible, etc.
    • Shell scripting or automation of simple tasks using Perl, Python, or Ruby
    • Developing, extending, or modifying exploits or exploit tools
    • Function code review for control flow and security flaws
  • Strong knowledge of tools used for cloud and network security testing
  • Thorough understanding of network protocols, data on the wire, and covert channels
  • Mastery of Unix/Linux/Mac/Windows operating systems, including Bash andPowerShell
  • Suitable candidate can be based inPune, Hyderabad, Mumbai, Delhi

AdditionalQualifications:

  • Ability to successfully interface with clients (internal and external)
  • Ability to document and explain technical details in a concise, understandable manner
  • Ability to manage and balance own time among multiple tasks, and lead junior staff when required
  • Incident Response, Incident Remediation, and Security Architecture experience
  • Knowledge of cloud-based CI/CD products, such as AWS Code Pipeline, Azure DevOps, and GCP Cloud Build
  • Knowledge of tools such as Terraform integrated with cloud-based CI/CD products
  • Ability to travel up to 20%
Experience Required :

2 to 3 Years

Vacancy :

2 - 4 Hires

Similar Jobs for you

See more recommended jobs