As a member of the red team you provide the technical expertise required to carry out internal and external hacking exercises. You will seek out and bring to light company crushing vulnerabilities in real world scenarios using any methods at your disposal. From here you will create and provide presentations to executive management highlighting outcomes of the team’s operations with recommendations for remediation or mitigation.
This is a position for highly driven autonomous security professionals that work well in a team-oriented environment.
- Plan and conduct attacks on internally or externally hosted applications and infrastructure on a global scale with an emphasis on critical functions.
- Be flexible with regard to schedule to accommodate the most effect time to carry out attack campaigns depending on objectives defined.
- Design and develop scripts, frameworks, tools, and the methods required for facilitating and executing complex attacks, emulating malicious actor behavior aimed at avoiding detection.
- Review results of any operation in order to determine severity of findings and identify potential remediation or mitigation strategies.
- Work in a fast-paced, tightly knit and coordinated team within a highly technical environment and have the willingness to learn new skills as required.
- Compile and present comprehensive campaign results to process / system owners as well as senior leadership.
- Create extensive documentation and be able to present your findings to the rest of the team or subject matter experts as necessary.
- Define and develop agenda for training and educating employees on advanced exploits, tools and frameworks.
- Research emerging technologies and exploitation methods relevant to the company.
- Explore opportunities to discover previously unknown or undisclosed vulnerabilities.
- Execute on your comprehensive knowledge and specialization in assigned area of skill in complex and challenging situations.
- Possess and employ a high level of proficiency in one or more disciplines employed within the red team, such as web applications, system exploitation, network based attacks, reverse engineering, social engineering, etc.
- Bachelor’s degree in Computer Science, Information Security, a related program, or equivalent work experience
- A minimum of 6 years’ of professional experience in information security as a penetration tester, reverse engineer, researcher or threat analyst / IR team member
- Able to operate at an advanced level of written and spoken communication
- Prior experience or expertise performing red team operations
Disciplines / Specializations Preferred
- High level of knowledge in application, system and network exploitation or enumeration techniques utilized today ranging from injection, privilege escalation, buffer overflows, fuzzing, scanning, and anything else a minion of Diablo would perform
- Experience with writing and demonstrating proof of concept work from an exploitation or attack perspective
- Capable to create and employ modules and tailored payloads for common testing frameworks or tools
- Extensive understanding of cryptography, its role in the enterprise, and its strengths as well as weaknesses
- Knowledge of tactics, techniques, and procedures that could be used for recon, persistence, lateral movement, and exfiltration
- Programming exposure and familiarity with languages such as C /C# / C++, Java, or Assembly
- Proficiency in one or more scripting languages, e.g. Perl, Python, PowerShell or shell scripting
- Prior experience with reverse engineering, malware analysis, and forensic tools
- Solid understanding of networking topologies, protocol usage, and enterprise hardware including switches, routers, firewalls and their roles in security
- Knowledge of access control methodologies, network / host intrusion detection, vulnerability management tools, patch management tools, penetration testing tools, and AV solutions
- Knowledge or experience in infiltration of physical systems such as lock picking, social engineering, and hardware authentication bypass
- Experience with hardware hacking or building custom hardware for the purpose of exploitation
Required Application Materials
- Cover Letter (optional) which should include:
- Why you are interested in working at Blizzard
- What games you are currently playing
Blizzard Entertainment is a global company committed to growing our employees along with the business. We offer generous benefits and perks with an eye on providing true work / life balance. We’ve worked hard to foster an intensely collaborative and creative environment, a diverse and inclusive employee culture, and training and opportunity for professional growth. Our people are everything. Our core values are real, and our mission has never changed. We are dedicated to creating the most epic entertainment experiences...ever. Join us!
Blizzard Entertainment è un'azienda che attua una politica di pari opportunità. Tutti i candidati qualificati verranno considerati per l'impiego senza distinzione di razza, colore, religione, sesso, orientamento sessuale, identità di genere, espressione di genere, provenienza o qualunque altro status speciale previsto dalla legge, e non saranno discriminati in base a una qualsivoglia disabilità.
Richieste di alloggio: siamo impegnati nel fornire ragionevole assistenza agli individui con disabilità fisiche e mentali. Se ricadi in queste categorie e necessiti di un alloggio per candidarti a una posizione aperta, invia la tua richiesta via e-mail a email@example.com. Richieste di impiego generiche non possono essere accettate né elaborate in questa sede. Grazie per l'interesse dimostrato.
Nota per i reclutatori e le agenzie di collocamento: non accettiamo curricula non richiesti inviati da tali agenzie. Vi preghiamo di non inviare curricula di agenzia sul nostro sito o ai nostri impiegati. Non pagheremo tariffe a nessuna agenzia terza, reclutatore o azienda salvo in caso di contratti mutualmente sottoscritti, e non sarà responsabile per qualsiasi tariffa di agenzia associata a curricula non richiesti. I curricula non richiesti saranno comunque considerati proprietà di Blizzard Entertainment e saranno trattati di conseguenza.