Share this Job
Apply now »

Adversary Simulation Specialist (m/f/d)

Company Name:  Basell Polyolefine GmbH
Location: 

Wesseling, NW, DE, 50389

Req ID:  71676
Facility:  Wesseling-501
Department:  Information Security
Division:  Global Business Services

LyondellBasell (NYSE: LYB) is one of the world’s largest plastics, chemical and refining companies and a member of the S&P 500. LyondellBasell (www.lyondellbasell.com) manufactures products at 55 sites in 17 countries.  LyondellBasell products and technologies are used to make items that improve the quality of life for people around the world including; packaging, electronics, automotive parts, home furnishings, construction materials and biofuels.

 

BASIC FUNCTION:

 

This role will define and execute automated and manual vulnerability assessments, identify and report vulnerabilities in applications, platforms and network components to prepare networked defenses and staff for the highly sophisticated targeted attacks our organization will face.  The role is part of the Offensive Security Team and works closely with the Incident Response team as well as the application developers/owners to ensure the security and reliability of critical electronic systems.

 

Travel: 10% 

 

RESPONSIBILITIES AND ACCOUNTABILITIES:

  • Identify and mimic the tactics, techniques and procedures of threat actors or threat groups, and the campaigns they execute against similar organizations or industries
  • Combine cyber threat intelligence with vulnerabilities to simulate relevant threats, evaluate client incident response (IR) capabilities, help security operations teams prepare for worst-case scenarios
  • Deliver key findings and improvement suggestions to determine if systems and infrastructure are properly tooled and resourced to defend against sophisticated attackers
  • Foster security awareness culture, mentor team members, perform presentations and demonstrate hacking techniques
  • Publish relevant security standards, practices, guidelines and processes
  • Research and integrate tools, processes and techniques to improve vulnerability analysis, forensics capabilities, network and data security, and threat management
  • Effectively communicate findings to stakeholders at all levels across the organization
  • Conduct research, penetration testing, and vulnerability assessments on external-facing resources and internal assets to determine risks
  • Maintain regular focus on latest industry techniques, tools and research; be able to develop and explain technical decisions and separate fact from opinion and speculation
  • Improve overall cyber resilience to the next level of maturity and effectiveness

 

Minimum Qualifications:

  • Bachelor of Science or equivalent experience
  • 3 years related experience with information technology, information security and application penetration testing
  • Experience in one or more of the following: cyber operations, red teaming, exploit development, incident response/hunt, cybersecurity research and development
  • Strong written and verbal communication skills

Preferred Qualifications:

  • Knowledge of advanced cyber threats, adversary methodologies, and cyber threat intelligence
  • Experience writing code in one or more programming language (Python, C/C++, JavaScript, Java, etc.)
  • Related certifications such as the OSCP or CEH
  • 2+ years of experience on coordination and execution of Web application, network, and system penetration tests with good understanding of OWASP TOP 25
  • Knowledge of ATT&CK and its uses within the cybersecurity community (e.g., Open Source projects)
  • Experience with encryption protocols (i.e., SSL/TLS) and algorithms (RSA, AES, etc.)
  • Familiarity with attack emulation/penetration tools, ie. APT Simulator and Metasploit
  • Expertise on application security including web application penetration testing and debugging and reverse engineering
  • Experience in red teaming, penetration testing, exploitation
  • Experience in incident response (hunt), blue teaming
  • Must be a strong technical leader in the analysis of information security vulnerabilities
  • Good project management skills and familiarity with ensuring security by design inside of a System Development Life Cycle (SDLC) process

 

We offer you a job with a high level of diverse tasks and responsibilities in an international concern that highly values the development of its employees, quality and safety. You get the freedom to take a range of responsibilities in a rapidly evolving environment. In addition, we offer you a competitive salary package and challenging opportunities for growth.

Contact for more information:

Register your CV and apply online by clicking on the ‘Apply’ button. For questions on the vacancy you can contact Mirjam Hauschildt, HR Specialist, Telephone: +49 (0)2236 72 3254 or via mirjam.hauschildt@lyondellbasell.com

More information about LyondellBasell is to be found on www.lyondellbasell.com

Apply now »