Job description
Job Responsibilities
Red Team vs Blue Team Exercises
Develop and execute penetration testing and confrontation plans that simulate real attack scenarios, identifying potential vulnerabilities in the enterprise's networks, applications, and systems. Lead or participate in red team vs blue team exercises, assessing the blue team's detection, response, and recovery capabilities, and promoting optimization of attack-defense collaboration.
Attack Surface Analysis
Identify the enterprise's network exposure and potential risks, providing effective mitigation and remediation recommendations. Continuously monitor and collect threat intelligence, analyze attack trends, and translate them into actionable exercise tactics.
Tool and Technology Development
Develop and optimize red team tools and scripts for vulnerability exploitation, privilege escalation, lateral movement, etc. Research and validate new attack techniques, simulating real threats in conjunction with business scenarios. Build and maintain a red team arsenal (phishing template library, attack script library, 0Day/1Day exploit chain reproduction) to enhance tool utilization and reusability.
Full-Chain Reproduction of Attack Scenarios
Simulate and reproduce APT attack chains, reconstructing real attack processes from threat intelligence and identifying potential risks. Simulate multi-stage intrusions covering personnel, endpoints, servers, front-end pages, and financial systems to achieve end-to-end attack-defense exercises.
Security Assessment and Reporting
Conduct penetration testing on critical business systems, internal networks, and cloud environments, producing detailed assessment reports and remediation recommendations. Assist in improving security protection mechanisms and promote the overall optimization of the enterprise's security system.
Cross-Department Collaboration
Collaborate with the blue team on attack reviews and vulnerability remediation, raising detection and response levels. Support emergency response drills and provide security consulting to drive the implementation of security requirements.
Job Requirements
Basic Skills
Proficient in TCP/IP protocols, network architecture, and the principles and configuration of security devices. Well-versed in common attack techniques and tools (such as Sliver, NPS, Burp Suite, etc.). Familiar with the security mechanisms and exploitation methods of Windows, Linux, macOS, and common web frameworks.
Technical Skills
Proficient in the entire penetration testing process: information gathering, vulnerability scanning, internal network penetration, lateral movement, persistence, etc. Mastery of one or more programming/scripting languages (Python, Go, Bash, etc.) with tool development capabilities. Familiar with the working principles and bypass methods of enterprise-level security products (WAF, EDR, SIEM, etc.).
Experience Requirements
Over 5 years of red team/penetration testing experience, with experience in large-scale attack-defense exercises preferred. Experience in reproducing APT attack chains, 0day/1day exploits, and building red team arsenals preferred.
Other Abilities
Strong documentation and technical reporting skills. Highly responsible, with a strong team spirit and the ability to work under pressure. Holding security certifications such as OSCP, OSCE, CISSP, CISP, or CEH is preferred.
Bonus Points
Familiarity with cloud platform (AWS, Tencent Cloud, Azure) security and attack-defense technologies. Experience in zero trust, security operations, and threat intelligence analysis projects. Keeps abreast of new attack techniques and tools, and actively engages in knowledge sharing or community contributions. Research output with external visibility in security communities, conferences, or competitions.
