We are a company of all and for all. With a solid and inclusive foundation, MC maintains its focus on people, to make life simpler for customers, employees or community members. We create value with the contribution of everyone, we innovate at every step and we lead closely, attentive to the qualities and needs of each one. We have different paths and different ideas, but we share the desire to grow and come up with the best version of ourselves. Everything we are, we achieve together. And there's nothing more inspiring than that. We want to be #betterwithyou!
BIT is the Information Systems area of MC. A group of people who live for the business and technology breakthroughs, creating fast, cohesive management and decision tools.
We are looking for a RED TEAM COORDINATOR to join our SECURITY OPERATIONS CENTER (SOC) team at BIT.
Reporting to the Area Manager, the RED Team Coordinator's mission is to work closely with the BLUE Team, the defensive counterpart of the RED Team, to simulate real-world cyberattacks and test the effectiveness of our IT security controls and defenses. Your goal is to identify and exploit the vulnerabilities and weaknesses in our IT environment, and to provide clear and actionable recommendations to improve our IT security posture and resilience.
WHAT WILL MAKE YOUR DAY…
Work in a dynamic and supportive environment, where you will be valued and recognized for your contributions;
Be part of a transformational project that aims to make Sonae MC a reference in the IT security field in Retail business, by increasing the maturity and scope of the IT security services we provide;
Challenge yourself and grow your skills and knowledge in the IT security domain, by facing diverse and complex scenarios and learning from the best in the industry;
Make a difference and have a positive impact on the IT security posture and resilience of Sonae MC, by helping to identify and mitigate the cyber risks and threats;
Oversee the planning, execution and reporting of simulated cyberattacks against our IT infrastructure, systems and applications;
Define the objectives, scope and methodology of the RED Team engagements, in alignment with the business needs and risk appetite;
Lead and mentor a team of skilled and motivated ethical hackers, ensuring their professional development and performance;
Conduct and supervise the RED Team activities, using a variety of tools and techniques to identify and exploit vulnerabilities and weaknesses in our IT environment;
Communicate and collaborate with the relevant stakeholders, such as the BLUE Team, IT security management, IT Operations, etc.;
Prepare and present clear and actionable reports and recommendations based on the RED Team findings, highlighting the risks and the remediation strategies;
Keep up to date with the latest trends, threats and best practices in the IT security field, and apply them to the RED Team operations;
Manage the relationship with external service providers, ensuring the quality and compliance of their deliverables and monitoring the indicators and SLA's.
WHAT MAKES YOU THE ONE…
Graduation degree in computer science, IT security or a related field, or equivalent work experience;
A deep experience managing and mentoring a team (preferably members of red team), ensuring that they have the skills, tools, and resources they need to perform their tasks;
A solid background in cybersecurity, with at least five years of experience in red teaming, penetration testing, or offensive security;
A strong knowledge of various tools, techniques, and frameworks used by attackers, such as Metasploit, Nmap, Burp Suite, Cobalt Strike, etc.;
A deep understanding of network and system architectures, protocols, and security controls, as well as common vulnerabilities and exploits;
A proven ability to plan, execute, and report on complex and realistic red team scenarios, aligned with industry standards and best practices, such as PTES, MITRE ATT&CK, etc.;
Good communication and collaboration skills, with the ability to present findings and recommendations to technical and non-technical audiences, as well as to coordinate and cooperate with the blue team and the purple team;
A certification in a relevant field, such as OSCP, OSCE, GPEN, GWAPT, etc., is highly desirable but not mandatory;
A familiarity with the dynamics and methodologies associated with the activity of a blue team and a purple team, such as incident response, threat hunting, threat intelligence, etc., is a plus;
WHAT MAKES THE DIFFERENCE…
Excellent verbal and written communication skills, including the ability to translate complex technical concepts into understandable terms;
Ability to work at tactical and strategic level simultaneously.
WHAT MAKES US THE BEST CHOICE… We are firmly convinced that technology can re-shape the retail business, bringing more convenience and exceeding customer's expectations. But for that to happen, we need bright and visionary people to lead this transformation. Can we count you in?
We offer a unique workplace, combining the typical benefits of a large corporation with an informal and energetic startup environment; Hybrid work; Life and Health insurance; PC and phone included; You can also benefit from our Flex It Up Program, that includes:
flex friday;
extra off days;
reduced working hours;
flexiwork;
and, unpaid leave!
We are waiting for you! We are #Bettertogether!
D&I MC Commitment: Our diversity and inclusion strategy is rooted in our way of being and addresses 5 dimensions: Gender Equality, Disabilities, Generations, LGBTIQA, Nationalities and Ethnicities. We do our best to create a work environment based on a wealth of profiles and focusing on uniqueness, as the basic principle of this strategy and as a catalyst for the personal and professional development of each person. Ensuring that everyone feels respected, valued for their skills and has confidence in the organization.
#J-18808-Ljbffr
