JOIN COMSEC FAMILY

Apply now

All of our offices are in central locations, and include subsidized
lunches, stocked kitchens, PlayStations, events and activities!

If you want to be a part of our professional team,
  join our family and become a part of our global
success!

Array

Red Team Specialist

Tel Aviv · Full-time

About The Position

Job Overview: We are seeking a skilled and experienced Red Team Specialist with a strong background in OSINT, phishing/smishing/vishing campaigns, application and infrastructure penetration testing, and low-level programming, to join our Offensive Security team. The ideal candidate has a solid understanding of advanced offensive techniques, malware development, and threat emulation, and is capable of conducting sophisticated attacks that simulate real-world threat scenarios to evaluate and improve the security defenses of our clients.

Key Responsibilities:

  • OSINT and Target Reconnaissance: Conduct extensive Open Source Intelligence (OSINT) gathering to map potential attack surfaces and identify key information that could be leveraged in red team operations.
  • Phishing and Social Engineering: Develop and execute phishing campaigns (using text and/or voice) and other social engineering tactics to simulate realistic attack scenarios. Measure effectiveness and provide insights into user awareness and susceptibility.
  • Application and Infrastructure Testing: Perform in-depth assessments of web applications, APIs, and infrastructure, identifying vulnerabilities that could be exploited by adversaries. Focus on both external and internal assets.
  • Malware Development and Low-Level Exploitation: Develop and deploy custom malware, exploits, or payloads tailored to the engagement requirements. Utilize low-level programming (e.g., C, C++, Assembly) to create effective evasion techniques and bypass security controls.
  • Collaboration and Reporting: Create detailed technical reports on findings, as well as high-level summaries for senior leadership of our clients.
  • Tool Development and Automation: Build and customize tools and scripts for automation in reconnaissance, exploitation, and post-exploitation phases, enhancing red team effectiveness.
  • Stay Up-to-Date with Threat Landscape: Stay informed on the latest threats, exploits, and attack techniques, incorporating them into the red team operations.

Requirements

Required Skills and Qualifications:

  • Experience: 3-5 years of hands-on experience in red teaming or offensive security roles, with a focus on OSINT, social engineering, and phishing.
  • Technical Proficiency:
  • Strong understanding of network and application layer protocols and security principles.
  • Proficiency in offensive security tools (e.g., Cobalt Strike, Empire, Metasploit, Burp Suite) and scripting languages (Python, PowerShell, Bash).
  • Demonstrable experience with low-level programming (C, C++, Assembly) for exploit development and evasion techniques.
  • Malware Development: Experience developing custom malware and payloads to simulate APT behavior and bypass security defenses.
  • Social Engineering Skills: Expertise in creating and executing phishing campaigns, phone-based social engineering, and physical security assessments.
  • Application and Infrastructure Knowledge: Deep understanding of web application security, including hands-on experience with typical vulnerabilities, as well as infrastructure vulnerabilities in Windows, Linux, and cloud environments.
  • Strong OSINT Skills: Proven track record of gathering and leveraging OSINT to enhance attack precision and effectiveness.

Nice to Have

Preferred Skills:

  • Reverse Engineering: Familiarity with reverse engineering tools (e.g., IDA Pro, Ghidra, OllyDbg) and methodologies for understanding binaries and malware.
  • Certifications (preferred): OSCP, OSCE, CRTO, or other advanced offensive security certifications that demonstrate deep technical expertise.
  • Good verbal and written English (at least CEFR level B2).

Soft Skills:

  • Adaptability and Innovation: Ability to think creatively and adapt techniques based on different scenarios and evolving security measures.
  • Clear Communication: Capable of documenting complex technical findings and communicating them effectively to technical and non-technical stakeholders.
  • Problem-Solving and Analytical Mindset: Strong analytical skills with a methodical approach to problem-solving in offensive security contexts.
  • Excellent communication skills.

Apply for this position

WHY Comsec

Join our family and become a part
of our global success

?

Comsec understands that its most valuable asset is its human capital – At Comsec. people come first. We believe that the success and strength of the company is determined by its people.

Therefore, we invest time in the recruitment and selection process in order to locate talented and skilled individuals.