Adversary Emulation Engineer

· 3+ years post-related experience
· Proven experience in either penetration testing, red teaming or adversary emulation for at least 3 years
· Understanding of the principles of adversary emulation (red/purple teaming)
· Ability to develop and execute adversary emulation scenarios
· Understanding of tactics, techniques and procedures of threat actors based on MITRE ATT&CK Framework
· Ability to create and execute custom scripts to simulate attack activities
· Understanding of the various types of detections available (defence in depth)
· Knowledge of the latest security trends and best practices
· Ability to create and use custom tools to automate and optimize the adversary emulation process
· Knowledge of the principles of IT security, risk and compliance
· Experience with security testing tools and methodologies, such as fuzzing, static and dynamic application security testing, and penetration testing
· Knowledge in system and network administration of UNIX and Windows systems
· Use of penetration testing tools, techniques, and recognized testing methodologies
· Scripting skills in Python
· Technical knowledge in system and network security, authentication and security protocols, cryptography and application security
· Ability to evaluate risks and formulate mitigation plans
· Proven ability to write clear and structured technical reports including executive summary, technical findings and remediation plan for several different audiences

DUTIES/ROLE:
· Lead and/or be part of the Red/Purple Team during assessments
· Develop and execute complex adversary emulation scenarios
· Create custom scripts in python to simulate attack activities
· Utilize detections to improve the effectiveness of adversary emulation scenarios
· Create and use custom tools to automate and optimize the adversary emulation process
· Provide security design reviews to ensure compliance with company policies and directives
· Provide security consultancy and advice to projects, plans, and other entities
· Brief at both executive and technical levels on security reports and testing outcome
· Ensure proactive collaboration and coordination with internal and external stakeholders
· Ensure compliance with IT security, risk and compliance principles
· Responds to ad-hoc tasks given by the chain of command

Deliverables:
· Provide an average of 139 hours/month working on-site, embedded in the NCSC Penetration Testing and Adversary Emulation Cell located in SHAPE, Casteau, Belgium
· High-quality reports on the results of adversary emulation assessments as directed by Lead Engineer NCSC
· Provide variety of deliverables associated to any duty (described in above)
· Provide accurate and complete deliverables in accordance with internal processes
· Responsible for complying with all applicable local employment laws, in addition to following all SHAPE & NCIA on boarding procedures. Delivery of the service cannot begin until these requirements are fulfilled
· Each provider of this service must pass an assessment to demonstrate proficiency before being approved to provide the service. The assessment will follow a brief familiarisation period
· Shall not be required to work on NCIA holidays