Red Team - Offensive Security Analyst - Manager
Job in
Hoboken, Hudson County, New Jersey, 07030, USA
Listed on 2026-07-18
Listing for:
Ernst & Young Advisory Services Sdn Bhd
Full Time
position Listed on 2026-07-18
Job specializations:
-
IT/Tech
Cybersecurity, Security Management & Operations, Information Security
Job Description & How to Apply Below
Red Team
- Offensive Security Analyst
- Manager
Other locations:
Anywhere in Region
Requisition
The opportunityThe Active Defense team is responsible for four core areas:
Adversarial Testing (Purple Team), Proactive Threat Hunting, Anomaly Analysis, and Cyber Deception. This function plays a critical role in strengthening and maturing the firm’s enterprise security capabilities through threat‑informed defense and continuous validation of security controls.
- Perform research and analysis of attacker tactics, techniques, and procedures (TTPs), and emulate those attacks in a collaborative and controlled environment.
- Conduct proactive threat hunting operations leveraging SIEM, EDR, threat intelligence, and other security telemetry sources to identify malicious activity and previously unknown threats.
- Identify patterns consistent with sophisticated attacker methodologies, and report on security concerns as they are escalated or identified.
- Evaluate, develop, and operationalize Artificial Intelligence (AI) and Machine Learning (ML) capabilities to enhance cyber defense operations, including threat detection, threat hunting, anomaly detection, adversary emulation, attack simulation, and security automation.
- Analyze digital artifacts, forensic evidence, logs, malware samples, and system telemetry collected during adversarial testing, investigations, and threat hunting activities.
- Communicate with system owners, custodians, and IT stakeholders to facilitate security testing activities, including obtaining access to systems, digital artifact collection, and remediation activities.
- Develop and present technical findings, attack narratives, risk assessments, and remediation recommendations to both technical and non‑technical stakeholders using written reports, presentations, and executive briefings.
- Maintain, manage, improve, and update security testing processes, procedures, and protocol documentation.
- Identify means to disrupt attacker actions, validate security detections and defensive controls, identify coverage gaps, and enhance defender response capabilities.
- 6+ years of relevant experience in one or more of the following areas:
Red Teaming, Purple Teaming, Offensive Security Operations, Exploit Development, Penetration Testing, Security Research, or similar roles. - Demonstrated understanding of common and advanced cyber‑attack vectors, exploitation methodologies, and intrusion set tactics, techniques, and procedures (TTPs).
- Knowledge of incident response processes and the integration of red and purple team findings into defensive operations and remediation efforts.
- Good understanding of Windows and Unix/Linux operating systems.
- Understanding of IP networking concepts, including addressing, routing, common network protocols, and the use of proxies, load balancers, firewalls, routers, and switches within enterprise architectures.
- Understanding of security concepts across on‑premises, cloud, and hybrid enterprise environments.
- Global mindset for working with different cultures and backgrounds.
- Demonstrated integrity and judgment within a professional environment.
- Ability to appropriately balance work/personal priorities.
- Team‑ing skills as well as ability to work independently on tasks.
- Good social, communication, and writing skills.
- Extensive experience in applied enterprise hacking techniques (red/purple‑team) across on‑premises, cloud, and hybrid environments.
- Experience with adversary emulation frameworks, attack simulation platforms, and threat‑informed defense methodologies.
- Background in Dev Sec Ops , with the ability to rapidly build and deploy test scenarios to validate cyber threats and security concerns.
- Hands‑on experience as an administrator configuring one or more of SIEM, SOAR, Endpoint Protection, Vulnerability Scanners, or Data Loss Prevention.
- Proficient with one or more scripting languages such as Python, Power Shell, Perl, or similar languages in a threat intelligence, incident response, or cyber defense environment.
- Experience evaluating emerging AI‑enabled attack techniques and applying AI/ML technologies to enhance threat detection, adversary…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×