Red Team Lead – Adversarial Simulation

XINTRA is a cybersecurity company offering advanced labs and training for mid to large enterprises. We are a tight team that work remotely and have a strong emphasis on work life balance. You will be joining a very ambitious team where your opinions will be valued and you will be able to make an impact on the direction of where the company is going.

We are looking for a red teamer who:

Values independence and takes pride in their work

Wants to do research with NO consulting / reporting

Want to work around ambitious, intelligent people who challenge them

Enjoy solving problems and coming up with new solutions

Not afraid to take a risk, try new things, fail and bounce back

Have a desire to innovate and contribute to the industry

We are not looking for people who:

Enjoy being told what to do step-by-step

Don’t think outside the box

We are looking for a full time Red Team Lead who will be performing adversary simulations on various different APT/Commodity groups for our labs.

As a Red Team Lead, you’ll be building and delivering our lab emulations. You’ll be tasked with various different APT/Commodity groups to emulate and you will work in a team (with incident responders, developers and infrastructure engineers) to make sure the emulation is as close to possible. This role assumes you have had previous experience red teaming (working on active engagements) and have the skills to custom code malware and tools where needed.

Adversary Emulation – Research and simulate APT-style attacks from end-to-end (meaning reconnaissance all the way through to exfiltration) across network devices, and various OS’s. These emulations will be performed in a different mock environment each time.

Covert Operations – Execute stealthy emulations with evasion techniques to bypass modern detection tools (we will not disable AV, EDR). 

Malware Development – Have the ability to custom code malware to emulate existing malware / tools used by APT/Commodity groups in ops

Custom Exploit Development – Develop payloads, utilise existing C2 frameworks, and write / build exploits to test defenses.

Internal Tools Development – Work with our existing team to automate and develop internal red team frameworks to leverage on emulations. 

Collaboration – Work alongside incident responders, threat intel people and infrastructure people to refine the emulation labs 

Timelining Activity – Document findings in an attacker timeline and write attack briefs. There is no reporting needed.

Proven skills in red team ops and adversarial emulation

Proven skillset in building offensive tools, custom coding malware or writing exploits

We do not care if you have no certs. We want people with skills who have a passion for this.