Red Team Leader Lisboa

Red Team Leader
Lisboa
Lisboa, Lisboa, Portugal

Job Description – Red Team Leader

About Hiscox:

At Hiscox we care about our people. We hire the best people for the work, and we’re committed to diversity and creating a truly inclusive culture, which we believe drives success. We embrace
- working practices, balancing the ability to work remotely with the culture and energy we experience when we are
-
- face in our offices. Our focus on collaboration and
- functional working is supported with virtual tools that minimise physical travel,
- desking neighbourhoods that create a physical sense of community and Team Charters that our teams
- create to set out how they’ll work together. This modern way of working has contributed to impressive employee engagement scores across Hiscox and means we’re delivering even better solutions for our Hiscox Colleagues. As an international specialist insurer we are far removed from the world of mass market insurance products. Instead we are selective and focus on our key areas of expertise and strength - all of which is underpinned by a culture that encourages us to challenge convention and always look for a better way of doing things. We insure the unique and the interesting. And we search for the same when it comes to talented people. Hiscox is full of smart, reliable human beings that look out for customers and each other. We believe in doing the right thing, making good and rebuilding when things go wrong. Everyone is encouraged to think creatively, challenge the status quo and look for solutions. Scratch beneath the surface and you will find a business that is solid, but slightly contrary. We like to do things differently and constantly seek to evolve. We might have been around for a long time (our roots go back to 1901), but we are young in many ways, ambitious and going places. Some people might say insurance is dull, but life at Hiscox is anything but. If that sounds good to you, get in touch.

Red Team Leader - Lisbon

Reporting to: Head of Cyber Fusion Centre

Type: Permanent

Band: III

The Role:

The Red Team Leader works in our Cyber Fusion Centre, which is responsible for the protection, detection and response capabilities used to safeguard our business from cyber threats. You will be responsible for the leadership and management of a team of ethical hackers and security analysts tasked with the proactive identification and mitigation of threats to our systems and networks. Your work will be essential in enhancing our security posture by providing insights into potential attack vectors and security weaknesses – and ensuring these are mitigated before they can be exploited. Your team will be responsible for emulating the threats we face, by mimicking the Tactics, Techniques and Procedures (TTPs) used by
- world hackers. The primary focus of your role will involve the planning and delivery of offensive security operations, including penetration tests and red team exercises delivered by inhouse and
- party resources.

Key Responsibilities:

1. Develop, manage and deliver our
   -
   -
   - service capability to the business.
2. Develop and maintain a roadmap of the primary tools and technologies needed to support red team activities, ensuring we have the latest capabilities available.
3. Define clear objectives and goals for the red team, track their performance and manage improvements in our cyber defences through our Key Risk Indicators.
4. Act as the senior ethical hacker in the team, providing governance of red team activities and quality assurance of their outcomes – supporting the delivery of tests when required.
5. Ensure our adherence to legal and ethical standards when performing security tests, ensuring required authorisations have been obtained, that privacy and confidentiality is not breached during a test and that our activities do not cause harm or disruption to our systems – or those provided by third parties.
6. Define the schedule and roadmap for tests, exercises and routine scans that need to be completed to meet our statutory and regulatory commitments.
7. Define the policies, processes and procedures required to support all our red team activities.
8. Analyse and prioritise the outputs from penetration tests and translate these into mitigation actions for our Fusion Centre CI/CD pipelines.
9. Analyse trends in our security threats and vulnerabilities and identify the root causes for remediation.
10. Track open security vulnerabilities in our estate, and working with the Delivery Team Leader, ensure these are managed through the lifecycle to closure.
11. Collaborate with our Blue Team Leader to validate and enhance their detection and response capabilities through feedback and continuous improvement processes.
12. Plan, govern and coordinate Penetration Tests performed by our external third parties.
13. Support the planning and delivery of Red and Blue Team exercises as required.
14. Support
    - flight security incidents as a member of the Cyber Incident Response Team (CIRT).
15. Design and deliver security awareness training to technical teams in support of a Secure-by-Design culture across our business.
16. Prepare detailed reports and briefings for various stakeholders outlining the nature of our threats, their potential impact and recommended mitigation approach.
17. Maintain an
    -
    - date knowledge of the latest threat actors and their TTPs and share your knowledge with other members of the team as required.

Candidate Profile:

1. 7+ years’ experience in a penetration testing role, preferably with a CREST registered provider.
2. Excellent working knowledge of current TTPs, the cyber kill chain and attack lifecycle.
3. Excellent working knowledge of the vulnerability management lifecycle.
4. Excellent analytical skills with the ability to work under own initiative.
5. Excellent knowledge of common hacking techniques and the latest cyber threats.
6. Excellent working knowledge of cyber threat intelligence and attack modelling frameworks.
7. Ability to understand and emulate the mindset of a sophisticated threat actor.
8. Be highly curious and demonstrate lateral thinking and problem solving.
9. Fluent in multiple programming languages, including Python, Java, C++ and Shell Script.
10. Exemplary professional integrity and ethics.
11. Good presentation and report writing skills.
12. BSc or MSc in Cybersecurity is desirable.
13. Advanced industry recognised qualifications such as GIAC GRTP and CREST CCRTS are desirable.