Be an early applicantLess than 25 applicants

Company

Original Job Post

UBS · 2 days ago

Red Team Operator / Security Tester

Raleigh, NC

Full-time

Onsite

Mid Level

1+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

Asset ManagementBanking

H1B Sponsorship

Actively Hiring

Insider Connection @UBS

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Join a growing in-house red teaming and offensive security capability.

Execute all phases of offensive security operations participating in both red and purple team testing.

Develop scripts, tooling, and methodologies to support offensive security capabilities.

Assist in providing risk appropriate and pragmatic recommendations to correct identified findings, vulnerabilities, and misconfigurations.

Understand and adhere to regulatory, compliance, and legal requirements that impact business operations.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Penetration TestingRed TeamingPurple TeamingOffensive Security ToolsMetasploitNessusBurpKali LinuxCommandoVMC2 FrameworksCobalt StrikeBrute RatelSliverNighthawkAutomationPythonBashScripting LanguagesOpen-Source ToolsDocumentationProcess DiagramsDataflow DiagramsArchitecture DiagramsMITRE ATT&CK FrameworkTTPsCyber AttacksOPSEC ConceptsCyber Security Incidents InvestigationEnterprise Security EnvironmentSIEM

Required

One to three years of experience in an offensive security role, such as penetration testing, and a desire to move into the world of red and purple teaming.

Experience with offensive security tools, such as Metasploit, Nessus, Burp, Kali Linux / CommandoVM or C2 frameworks (e.g. Cobalt Strike, Brute Ratel, Sliver, Nighthawk).

Experience in automation using Python, Bash, or other scripting language ideally coupled with the ability to experiment and tweak newly developed open-source tools written in scripting languages.

Efficient documentation skills to capture the right level of detail at the right level of abstraction while creating process/dataflow/architecture diagrams, or documenting instructions.

Knowledge and understanding of MITRE ATT&CK framework and TTPs of cyber attacks at a conceptual level.

Knowledge and understanding of OPSEC concepts in attack emulation.

Preferred

Experience in a blue team role investigating cyber security incidents in a modern enterprise security environment (including SIEM, EDR, etc) is a big plus.

Experience in system administration and/or engineering experience with Linux and Windows operating systems is a plus.

Experience with OSINT, phishing / social engineering, vulnerability research, reverse engineering and exploit development is a plus.

Experience with cloud (Azure, AWS) technologies is a plus.

Experience programming in C, C++, C#, Rust, Nim or in Assembly is a plus.

Offensive Security certifications (such as OSCP or OSEP), SANS certifications (such as GXPN, GPEN, GWAPT, GREM), or other training in red teaming operations are a plus.

Company

UBS

Glassdoor

3.9

UBS is a global financial services company that engages in wealth management, investment banking, asset management, and retail banking.

Founded in 1862

Zürich, Zurich, CHE

10,001+ employees

https://www.ubs.com

H1B Sponsorship

UBS has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Trends of Total Sponsorships

2023 (2)

2022 (5)

2021 (6)

2020 (3)