Key Responsibilities:
- Design, deploy and maintain the cyber range using AWS or Azure cloud, based on the scope of tests published by MITRE.
- Manage, configure, and troubleshoot the Windows environment, including Active Directory.
- Develop and execute realistic cyber-attack scenarios based on the MITRE evaluation scopes to identify the gaps and test the effectiveness of our solutions.
- Conduct several dry runs leading up to the MITRE evaluations, ensuring thorough preparation and refinement of tactics and strategies.
- Collaborate with other solution teams to assess the impact of simulated attacks and refine defensive strategies.
- Document findings and provide detailed feedback to enhance our threat detection and response capabilities.
- Participate in post-exercise debriefings and contribute to continuous improvement initiatives.
- Stay updated with the latest cybersecurity trends and updates to the MITRE ATT&CK framework.
Required Skills and Qualifications:
- Strong knowledge of Windows administration and Active Directory management.
- Familiarity with cloud integration and hybrid environments.
- Proven experience in red team operations and familiarity with tools and techniques used in offensive cybersecurity.
- In-depth knowledge of the MITRE ATT&CK framework and experience in applying it to real-world scenarios.
- Strong ability to develop and simulate complex cyber-attack scenarios and manage red team exercises.
- Excellent analytical and problem-solving skills, with the ability to think like both an attacker and a defender.
- Strong communication and collaboration skills, capable of working effectively with cross-functional teams.
Preferred Qualifications:
- Certifications such as OSCP, CEH, or other relevant cybersecurity certifications.
- Experience with scripting and programming languages such as Python, PowerShell, or Bash.
- Prior experience participating in MITRE ATT&CK evaluations or similar cybersecurity assessment frameworks.
- Experience with multi-cloud or hybrid environments.