Adversary Simulation Specialist

Basic Function

The Adversary Simulation Specialist will be responsible for testing and evaluating the security of a LyondellBasell’s networks, systems, and applications. This role involves conducting application assessments, vulnerability assessments, penetration testing, and ethical hacking to identify and exploit vulnerabilities to improve the organization's security posture. The individual will also perform adversarial emulation and simulated attacks to test security controls and identify potential vulnerabilities in the environment. 
Travel: 10%

Roles & Responsibilities

• Identify and mimic the tactics, techniques and procedures of threat actors or threat groups, and the campaigns they execute against similar organizations or industries
• Conduct research, penetration testing, application and vulnerability assessments on external-facing resources and internal assets to determine risks
• Deliver key findings and improvement suggestions to determine if systems and infrastructure are properly tooled and resourced to defend against sophisticated attackers
• Research and integrate tools, processes, and techniques to improve vulnerability analysis, forensics capabilities, network and data security, and threat management
• Produce assessments on cyber threats, attacks, and external incidents
• Create written and verbal products for internal stakeholders to assist in proactively addressing cyber threats and mitigating risk
• Participate in threat hunting activities and incident response, as needed
• Stay current with the latest offensive security trends and techniques, including new exploits and vulnerabilities
• Continuously evaluate and improve the organization's offensive security program 
• Collaborate with other members of the security team, such as Cyber Threat Intelligence team, incident responders, threat hunters and security analysts, to identify and mitigate threats

Min. Qualifications

• BE or equivalent degree
• 5+ years related experience in one or more of the following: offensive security, penetration testing, exploit development, cybersecurity
• 2+ years related experience in red/purple team
• Effective communication skills in writing and speaking with an emphasis on report creation and sharing

Preferred Qualifications

• Knowledge of advanced cyber threats, adversary methodologies, and cyber threat intelligence
• Experience writing code in one or more programming language (Python, C, JavaScript, Java, etc.)
• Related certifications such as the OSCP, OSEP, GPEN or CEH
• 3+ years of experience on coordination and execution of Web application, network, and system penetration tests with good understanding of OWASP TOP 10
• Knowledge of MITRE ATT&CK and its use within the cybersecurity community (e.g., open-source projects)
• Experience with encryption protocols (i.e., SSL/TLS) and algorithms (RSA, AES, etc.)
• Expertise on application security including web application penetration testing, debugging, and reverse engineering
• Experience in red teaming, penetration testing, exploitation
• Experience in incident response (hunt), blue teaming, and purple teaming
• Must be a strong technical leader in the analysis and communication of information security vulnerabilities and their risk to an enterprise
• Good project management skills and familiarity with ensuring security-by-design inside of a System Development Life Cycle (SDLC) process, GitHub Advanced Security experience is recommended
• Familiarity with attack emulation/penetration tools, Tenable Nessus, Kali Linux, Metasploit, Burp Suite, Cobalt Strike, etc.

Competencies