Job Description:
Role : Cloud Cyber Security Test Engineer
Your Background:
• Educational Background: Bachelor's or Master's Degree in Cybersecurity, Computer Science, or related field (or equivalent experience).
• Experience: Over 5 years of experience in red teaming, penetration testing, or cloud security, with a focus on Azure, Kubernetes, and containerized environments.
• Technical Expertise: Strong understanding of Azure Kubernetes Service (AKS), Docker security, container runtime attacks, and supply chain vulnerabilities.
Advanced Skills:
• Expertise in privilege escalation, lateral movement, and evasion techniques in Azure and containerized workloads.
• Certifications: Recommended certifications include OSCP, OSEP, CRTP, CRTE, GCPN, GXPN, AZ-500, SC-100, SC-300, CKS, CNCF Kubernetes & Cloud Native Security Certifications, and Docker Certified Associate (DCA).
Red Teaming Tools:
• Familiarity with tools like MicroBurst, StormSpotter, AzureHound, ROADtools, AADInternals, Mimikatz, Whisker, Graph API & Azure CLI, Kube-hunter, Kube-bench, Trivy, Falco, Kubeaudit, Peirates, Kubescape, Docker Bench for Security, Dive, Crunge, and Container Escape Techniques.
• Persistence & Lateral Movement: Knowledge of tools and techniques for persistence and lateral movement in Azure and Kubernetes, such as Ruler, TokenTactics, AADSpray, MailSniper, and Kubelet Attacks.
• Exploitation & Post-Exploitation: Proficiency in exploitation frameworks like Metasploit, Empire, and post-exploitation techniques in Kubernetes.
• Defensive Evasion: Skills in evasion techniques using tools like SharPersist, BOFNET, Koadic, and obfuscation methods.
• Frameworks & Compliance: Understanding of frameworks and compliance standards like MITRE ATT&CK, NIST 800-53, CIS Benchmarks, OWASP Kubernetes Security Testing Guide, and Microsoft Cloud Adoption Framework (CAF) Security Best Practices.
• Scripting & Automation: Experience with scripting and automation using PowerShell, Azure CLI, Python, Terraform, Bicep, Jenkins, and Azure DevOps.
• Advanced Techniques: Knowledge of advanced red teaming techniques such as cloud workload impersonation, abusing conditional access policies, OAuth token hijacking, cross-tenant attacks in Azure AD, hybrid AD attacks, container escape attacks, and exploiting Kubernetes API Server and Secrets
Required skills:
• Red Teaming Tools
• Cloud Security
• Azure AKS
• Docker security
Ready for your next career move? Explore opportunities at
Join our LinkedIn groups for updates on upcoming opportunities. Connect, collaborate, and thrive with industry leaders :
Co-Worker Technology
Co-Worker Renewable Energy Industry Jobs
Follow us to stay updated on the latest news, insights, and exciting announcements from our company.
Facebook
Instagram
Let's stay connected and grow together.