Rust Jobs for Rustaceans

Key Responsibilities:
Target's Red Team uses adversary simulation to uncover risk in our environment, provide training opportunities to defenders, and measure the processes and technology defending the organization. We leverage a high level of collaboration between teams as we drive organizational improvement. Our objective-driven operations are supplemented with direct training and development, Purple Team work, and consulting within the company on security risk. As a Red Team Lead Engineer, you will conduct and lead operations, contribute to the team, influence team direction, and collaborate with partner teams. This Lead Engineer role is an operator role, and not a management role. The “Lead” title reflects the seniority of the role, and the responsibility of mentoring more junior operators. In most, but not all circumstances, the experience required to meet the requirements of this role would require a candidate to have previous Red Team experience, not just experience in the offensive security industry.

Red Team Members Regularly:

• Consult on, design, and execute adversary emulation operations
• Conduct research into real-world threat actor tactics, techniques, and procedures to develop proof-of-concept tools and playbooks
• Bypass preventative and detective security controls to accomplish operational goals
• Partner with the Cyber Security Incident Response Team and other stakeholders in the organization to identify improvement opportunities
• Collaborate with Cyber Threat Intelligence, Detection, and Threat Hunting engineers and analysts on research
• Work with non-security engineering teams to educate, and collaborate on operational objectives

Expect To:

• Develop strategic adversary emulation objectives and operational plans
• Execute adversary emulation operations to surface risk in the organization
• Work with partner teams to plan cooperative engagements
• Lead and train operators
• Communicate effectively with and directly support defenders
• Present findings and operational work to groups in a clear and professional manner
• Study the techniques of Threat Actors, and apply that lens to operational work
• Partner with other Team Members to improve tools and procedures
• Manage work effectively in the team’s project management tools (Github/JIRA)
• Respond to the quick-changing needs and priorities of the team
• Read and write code to accomplish red team goals
• Deeply understand red team infrastructure

About You:

• Four years minimum experience in offensive security and/or defensive security
• Demonstrates strong offensive security knowledge
• Demonstrates strong understanding of the impact of Red Team work on an organization and its customers
• Prioritizes process improvement
• Seeks out cross-functional collaboration opportunities
• Clearly and respectfully communicates technical issues in a training or mentorship setting
• Resolves complex technical issues with minimal assistance
• Builds strong commitment within a team to support the appropriate priorities
• Stays current on relevant technologies with self-directed learning

Desirable Skills:

• Deep Red Team adversary emulation experience
• Experience working on or with Blue Teams, including Incident Response, or Detection
• Experience working in large, complex organizations
• Python, C#, Rust, Go, or C skills
• Solving difficult problems, and creatively subverting systems
• Ability to replicate the tools and techniques of in-the-wild threat actors
• Follows Threat Actor trends impacting organizational security