Red Team Security Researcher
Primary Location: Plano, Texas
Date posted: 02/11/2020
Job Title: Red Team Security Researcher
US, Texas, Plano
From device to cloud, McAfee provides market-leading cybersecurity solutions for both business and consumers. We help businesses orchestrate cyber environments that are truly integrated, where protection, detection, and correction of security threats happen simultaneously. For consumers, McAfee secures your devices against viruses, malware, and other threats, both at home and away. We want to continue to shape the future of cybersecurity by working together to build best-in-class products and solutions.
McAfee LLC is looking for a red team researcher who has a good understanding of cyber-attacks and related TTPs. You will utilize your skills to simulate cyber-attacks with the purpose of identifying gaps in our content and products. The qualified applicant will work closely with blue team researchers, developers and architects to help make our existing and new products more robust against a wide variety of attack scenarios. You will utilize and build tools and automation with the goal of subverting our products. You will present your findings by developing reports and providing demos detailing the success and failure points in your evaluation. You will share your findings with multiple stakeholders and management and help improve processes and procedures for validation and measurement.
About the Job:
- Implement different attack scenarios for manual and automated Red Team tests.
- Design & develop automated test cases and frameworks to test against content and products.
- Develop automation to generate detection efficacy and gap analysis reports.
- Study malware families to identify and abstract related Tactics, Threats, and Procedures (TTPs). Develop unit test cases and independent implementations of such TTPs so that they can be automated.
- Present your analysis and risk assessment. Coordinate efforts with stakeholders to drive closing of identified gaps. Advise on methods to fix or lower security risks to systems.
- Perform competitive analysis of our products using standard industry methodologies like, but not limited to, the MITRE ATT&CK Matrix.
- Maintain a repository of attack tools and generate samples with each of them to help content teams improve coverage. Develop automation grammar, test plans and execution criteria for directed testing.
- Maintain a list of TTPs and their mapping for various APT groups, attack tools and malware families.
- You have experience with red teaming tools and kill chain techniques involving reconnaissance, exploitation, persistence, AV evasion, C2 setup, data exfiltration and other post-exploitation activities.
- You have extensive knowledge of malware TTPs and malware research.
- Possess the ability to abstract TTPs, capabilities, environments and integrate findings into Red Teaming operations.
- Extensive knowledge of attack tools (examples: Metasploit, Cobalt Strike, Empire Agent, etc.) and their use on varying platforms.
- You have a good understanding of the MITRE ATT&CK Framework. Practical knowledge of various file and file-less techniques utilized by malware and related tools.
- Experience in conducting red teaming exercises and building automation and related test infrastructure.
- You have strong skills in shell scripting or in automating simple tasks using Python, Ruby or C/C++/C#.
- Working knowledge of SQL, NoSQL technologies and analytics tools.
- You think outside the box and find innovative ways to bypass tools. A hacker mindset with a knack for picking up skills quickly.
- Developing, extending, or modifying exploits, shellcode or exploit tools.
- You possess good analytical, programming and problem-solving skills.
- You are self-motivated with the ability to stretch in times of crisis around virus outbreaks.
- Good understanding of Windows, Linux and Mac.
Company Benefits and Perks:
We work hard to embrace diversity and inclusion and encourage everyone at McAfee to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
- Pension and Retirement Plans
- Medical, Dental and Vision Coverage
- Paid Time Off
- Paid Parental Leave
- Support for Community Involvement
We're serious about our commitment to diversity, which is why McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.