Senior Information Security Engineer - Ethical hackers team

Global Logistic company is looking for a new member of their Cyber Defense Center team of “Ethical Hackers” (Red Team) - Senior Information Security Engineer

What will be your key responsibilities:

Your main responsibilities:

  • planning and running Red Team Cyber Operations - Red/Blue team exercises, breach attack simulations (BAS), DDoS attack simulations, etc.


  • supporting vulnerability management program, social engineering attacks against employees, research of selected cyber tools, tactics, processes within company's environment, tests point security controls and attack techniques (MITRE ATTACK), and other.


  • work closely with Cyber Defense Center Monitoring, Incident Response Team (CSIRT) and Security Engineering teams.



Summary of responsibilities:

  • Running of attack simulations (manual and automated)


  • Design, develop DDoS simulations / attacks against company infrastructure


  • Testing new vulnerabilities and their mitigation


  • Research cyber threats and simulate selected TTPs (tools, tactics and processes)


  • Planing and executing social engineering attacks against internal employees.


  • Testing of SIEM and other technologies detection capability of specific attacks (MITRE ATTACK framework).


  • Support security incident response function for selected situations, test prevention and containment counter measures, validate exposure, hunt for specific artifacts, other.


  • Support Security Analysts’ training and development program - running demonstrations, workshops and Red/Blue team exercises.

What experience should you have:

  • Experience in Penetration Testing, “white hacking” and Red Team concepts


  • Very good programing language skills (Python, Shell, PowerShell, C#) and system administration capabilities (to run RT infrastructure)


  • Good understanding of Common Cyber Attack techniques and principles - MITM, Cyber Kill Chain, MITRE ATTACK framework


  • Good understanding of Distributed Denial of Service attack (DDoS) techniques and in general Internet / network protocols.


  • Experience in Information Security Incident Response management (ISIRT/CSIRT).


  • Understanding of Intrusion Prevention Systems (IPS on host and network level), EndPoint Protection Platform (EPP), EndPoint Detection and Response (EDR) and Security Information and Event Management (SIEM) solutions.


  • Understanding of Information Security common body of knowledge - ISC2, SANS, ISO270xx, OWASP.


  • Understanding of Threat and Vulnerability Management (TVM) practices.

What do you get in return:

  • Opportunity to become a member of great team of IT professionals, future professional development


  • Home office possibilities


  • Permanent contract


Except good money and yearly bonus you will be provided by following benefits: Company car, pension plan, CAFETERIA program, 25 days of holiday , salary compensation due to illness, fully covered lunch vouchers, Multisport card, etc

Mám zájem o tuto pozici

Poslat nabídku na e-mail

Další pozice v oboru Informační technologie, region Prague

IT analytik se znalostí Elastic stacku

  • Epptec
  • Praha hl.m.
  • Dohodou

Pro strategický projekt v bankovním prostředí hledáme zkušeného IT analytika, který se nebojí ponořit do hlubin logů a pomáhat firmám chytře pracovat s daty. Hledáme konzultanta nebo konzultantku,…

IT analytik se znalostí Elastic stacku

Recruitment Partner (IT Contracting)

  • HOFMANN WIZARD
  • Praha hl.m.
  • Dohodou

Hledáme zkušeného sourcera nebo recruitment partnera, který nechce jen plnit zadání, ale být součástí něčeho nového. Společně s naším vedením budete tvořit oddělení sourcingu v oblasti IT – v rámci…

Recruitment Partner (IT Contracting)

Junior BI Konzultant

  • Greyson Consulting
  • Praha hl.m.
  • Dohodou

Máš zájem a chuť se rozvíjet v oblasti Business Intelligence / DWH a máš alespoň základní znalost SQL? Pak hledáme právě Tebe! Náš tým bychom rádi posilnili o nového kolegu/kolegyni na pozici Junior…

Junior BI Konzultant