Red Team Operator

Kuala Lumpur, Malaysia

Job Description


AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals and minerals – safely, efficiently and more sustainably.

We're the first software business in the world to have our sustainability targets validated by the SBTi, and we've been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We've also recently been named as one of the world's most innovative companies.

If you're a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at https://www.aveva.com/en/about/careers/

The Red Team Operator will have experience in conducting offensive security assessments, penetration testing, and red teaming exercises to identify vulnerabilities in AVEVA's systems, networks, and applications. As a Red Team Operator, he/she will be responsible for working with the Red Team Specialist to simulate realistic cyberattacks in controlled environments and systems, identify vulnerabilities, and help to improve overall security posture.

With a goal to further mature the red teaming capabilities (types of services, way of delivery, automation and customization required per environment, etc.), the Red Team Operator, under the guidance of the Red Team Specialist and Manager, will keep on top of the constantly changing knowledge of threat actors' tactics, techniques, and procedures to bring realistic and meaningful solutions to AVEVA. The Red Team Operator will work with wider AVEVA security teams, blue teams, and other business stakeholders of AVEVA to help them utilize Red Team findings and outcomes of the offensive activities to better defend and mature AVEVA's security stance.

Primary Duties

Assist Red Team Specialist to perform Red Team engagements and operations.

Assist Red Team Specialist to execute full-spectrum attack simulations (technology, social, physical).

Perform research to identify novel attack paths for ongoing and future Red Team engagements.

Research trends with regards to adversary tactics, techniques, and procedures, targeting, malware development and implementation.

Support Red Team Specialist with network/infrastructure design and maintenance for Red Team engagements.

Assist with automation of infrastructure and tool development.

Participate in ongoing interactive Purple Team activities through use of tools and manual testing.

Support Red Team Specialist to automate attack techniques, creating custom tooling for specific operations and contributing to general-purpose open-source tools.

Write detailed reports covering the goals and outcomes of Red Team operations, including significant observations and recommendations.

Develop and maintain Red Team reporting dashboard for senior management team.

Collaborate with AVEVA's Cyber Security Response Team to improve detection and response capabilities.

Collaborate with AVEVA's Security Operation Team to propose defensive improvements to AVEVA's environments.

Collaborate with AVEVA's Security Compliance teams to propose process and policy enhancements and additions.

Collaborate with AVEVA's Vulnerability Management Team to prioritize remediation, mitigation, and exploitable vulnerability findings & severity.

Collaborate with AVEVA's Cyber Threat Intelligence & Hunting Team to provide an adversarial perspective input and prioritize ongoing and future Red Team engagements.

Collaborate with AVEVA's Security Awareness and Culture team to communicate information security policies, processes, and procedures across the business.

Create and maintain AVEVA Red Team documents to ensure these align with AVEVA Red Team vision and maturity plan.

Report to Red Team Manager concerning Red Team area, security events & trends, residual risk, vulnerabilities, and other security exposures.

Additional Duties

Under the guidance of Red Team Manager:

Assist Cyber Security Response Team and Security Awareness Analyst with regular phishing campaigns to help educate employees, consultants and contractors working for AVEVA, based upon incident data to target risky user groups.

Support Red Team Specialist to research and assess new threat intelligence and security alerts and tailor Red Team engagements accordingly, in conjunction with the vulnerability management team.

Improve AVEVA's Red Team service procedures and red team playbooks.

Support Red Team Specialist to assist with control improvements, identifying control weaknesses and contributing to vulnerability advisories.

Maintain awareness of applicable regulatory standards, upstream risks, and industry leading security practices.

Provide feedback and recommendations on existing and new security tools and techniques for the improvement of analysis, incident investigation and security controls.

Assist with reviewing and onboarding of Red Team technologies and tools.

Contribute through security advisories, blogs, and other communication channels on current and emerging security threats to AVEVA assets and people via the security awareness programme.

Qualifications/Experience

Educational Qualifications

  • Minimum 5 years' experience in at least three (3) of the following:
      • Red team operation and engagement
      • Network penetration testing and manipulation of network infrastructure
      • Mobile and/or web application assessments
      • API security testing
      • Email, phone, or physical social-engineering assessments
      • Shell scripting or automation of simple tasks using Perl, Python, or Ruby
      • Developing, extending, or modifying exploits and shellcode using offensive tools, e.g. Pentesting Framework, Cobalt Strike, Core Impact, Burp, etc.
      • Reverse engineering malware, data obfuscators, or ciphers
      • Source code review for control flow and security flaws
      • Application security review and testing
      • Security risk assessment
  • Bachelor's degree in information systems or equivalent work experience in relevant information and cyber security domain.
  • Security certification from a recognised organisation such as ISC2, CompTIA, EC-Council, SANS Institute or other relevant security certifications is an advantage.
  • Good knowledge of tools used for mobile, wireless, web application, cloud infrastructure and network security testing.
  • Good understanding of network protocols, data on the wire, and covert channels.
  • Good hands-on knowledge of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell.
  • Good presentation skills, including the ability to present at both technical and non-technical levels.
Technical Competency and Experience
  • Hands-on mentality, with experience in red teaming and ethical hacking – from technical skills to soft skills
  • Red team experience and mindset: creating red team attack scenarios, weakest entry point, creative approach, multiple methods testing, stealthy approach, pivoting, social engineering, phishing and physical security and anything involving the human element
  • Experience with various technologies and comfortable picking up more (OS / tools / development languages / online technologies etc.)
  • Ability to stay on top of the fast-changing mindset of red teaming TTPs and tools that go with it to offer successful red team services
  • Understand the defensive side, blue team, Security Operations Center (SOC), and security monitoring and response (SIEM, IDS/IPS etc), as well as EDR (e.g., for bypasses), overall monitoring, detection and indicators of compromise, and creating effective red team activities to test these (e.g., developing / using malware, pivoting, escalating privileges, staying stealthy etc).
  • Good communication skills and ability to work with all stakeholders, internal and external, finding, advising on and implementing the best solutions
  • Awareness of the MITRE ATT&CK framework and how it can be used to learn an adversary's tactics and techniques and focus incident response.
  • Familiarity with cloud computing environments such as Microsoft Azure and AWS
  • Familiarity with Security Operations Centers (SOC)
  • Experience exploiting vulnerabilities in at least two of the following areas:
      • Web applications
      • Cloud environments (Azure / GCP / AWS)
      • Linux and/or MacOS workstations
      • Software supply chain
      • Mobile applications
      • Network environments
      • API
  • Experience using scripting, automation, and APIs with languages such as PowerShell, YAML, JSON and Python is an advantage.
  • Experience using Security Information and Event Management (SIEM) and analysing log data sources
  • Knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls
  • Experience with common information security management frameworks, such as MITRE ATT&CK, International Organization for Standardization (ISO) 2700x and the ITIL, COBIT and National Institute of Standards and Technology (NIST) or Center for Internet Security (CIS) frameworks.
Occupational Personality

Strong analytical thinking skills with strong written and verbal communication and good attention to detail

Ability to work both independently and collaboratively as a team member, respectful to others, with a continuous improvement mentality and a positive curiosity for questioning and exploring improvements

Ability to interact with AVEVA's personnel at all levels and across all business units and organizations, and to understand business objectives and values

A strong internal client focus, with the ability to manage expectations appropriately, to provide a superior internal client experience and build long-term relationships

Passionate about security, with a keenness to develop own skills and share the knowledge within internal Red Team and wider security team

Confident in recording and presenting key findings and conclusions to different levels of the business

AVEVA requires all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.

AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.

Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.


Job Detail

  • Job Id
    JD969807
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Kuala Lumpur, Malaysia
  • Education
    Not mentioned