עדיין מחפשים עבודה במנועי חיפוש? הגיע הזמן להשתדרג!
במקום לחפש לבד בין מאות מודעות – תנו ל-Jobify לנתח את קורות החיים שלכם ולהציג לכם רק הזדמנויות שבאמת שוות את הזמן שלכם מתוך מאגר המשרות הגדול בישראל.
השימוש חינם, ללא עלות וללא הגבלה.
CYE is looking for a Red Team Expert with hands-on experience in offensive security, possessing strong technical capabilities, in-depth knowledge of adversary simulation, and a passion for Red Team operations.
CYE is a cybersecurity firm specializing in advanced adversary simulation and offensive security testing. We deliver Red Team assessments for Fortune 500 companies, simulating sophisticated, real-world attacks across external, internal, cloud and Active Directory environments. Our services span both stealth-based Red Team operations and risk-focused assessments, covering a wide range of attack surfaces including on-premise and cloud environments.
Responsibilities
Participate in Red Team assessments that simulate real-world threats and remain undetected by the client's defensive team. These stealth operations simulate advanced adversaries and require careful planning, execution, and OPSEC
Lead or co-lead portions of internal and external offensive assessments, including perimeter exploitation and post-exploitation in Active Directory
Perform Purple Team engagements to help clients improve their monitoring and detection capabilities while sharpening your own offensive skills
Document attack paths, risk analysis, technical findings and remediation guidance in detailed reports tailored to both technical and executive audiences.
Collaborate with the team to develop and maintain internal tooling, scripts, and documentation for offensive operations
Continuously research and test new techniques, tools, and attack paths to further enhance CYE's Red Team capabilities
Requirements
2+ years of hands-on experience in offensive security, red teaming, or penetration testing
Hands-on experience with C2 frameworks (e.g., Cobalt Strike, Mythic, Sliver)
Strong understanding of Active Directory, domain escalation paths, Kerberos, trust relationships, GPO abuse, credential access, etc.
Proficiency in various offensive techniques such as Relay Attacks, Coercion, Kerberos Attacks, Privilege Escalation, etc.
Familiarity with network protocols (e.g., SMB, DNS, LDAP, HTTP) and system internals (Windows and Linux)
Strong understanding of OPSEC considerations during covert operations
Ability to present and produce clear and actionable technical reports and documentation in English
Experience working in client-facing roles or as part of structured engagements
Proficient in one or more scripting/programming languages: Python, PowerShell, C#, or C++
Advantages
Knowledge of MITRE ATT&CK, threat emulation frameworks, and adversary tactics
Previous contributions to open source offensive security tools or research
High Advantage: Experience in at least one of the cloud attack surfaces (Azure, AWS, GCP)
Experience and familiarity with security best practices in Kubernetes-based (K8s) infrastructure
Familiarity with EDR/XDR and other security products (e.g., CrowdStrike, Microsoft Defender, etc.) and common evasion techniques
Relevant certifications such as OSCP, OSCE, CRTO, GXPN, or equivalent
High level of spoken and written English, including the ability to clearly explain technical topics to both technical and non-technical audiences
About us:
CYE’s exposure management platform, Hyver, transforms the way security teams protect their organizations. With CRQ at its core, Hyver reveals exposure in financial terms, visualizes attack routes to critical business assets, and creates tailored mitigation plans. Founded in 2012, CYE has served hundreds of organizations globally.
במקום לחפש לבד בין מאות מודעות – תנו ל-Jobify לנתח את קורות החיים שלכם ולהציג לכם רק הזדמנויות שבאמת שוות את הזמן שלכם מתוך מאגר המשרות הגדול בישראל.
השימוש חינם, ללא עלות וללא הגבלה.
הרצליה
