Red Team Operations

• Plan, lead, and execute red team assessments including web, mobile, network, cloud, and social engineering scenarios.
• Simulate advanced persistent threat (APT) techniques, including lateral movement, privilege escalation, and data exfiltration.
• Develop, document, and execute attack playbooks tailored to the Equity Group’s environment.

Risk Identification & Management

• Conduct cybersecurity risk assessments across applications, infrastructure, cloud environments, and third-party integrations.
• Collaborate with stakeholders to assess the risk impact and develop actionable mitigation strategies.
• Maintain a risk register and track remediation efforts through to resolution.

Security Testing & Validation

• Perform vulnerability assessments and penetration testing of systems, applications, and APIs.
• Validate the effectiveness of security controls, detection mechanisms, and incident response procedures.
• Support purple team exercises by providing offensive techniques for defensive validation.

Reporting & Communication

• Deliver detailed, actionable, and executive-friendly assessment reports.
• Communicate complex technical findings to both technical and non-technical stakeholders.
• Provide recommendations to enhance security controls, processes, and risk mitigation strategies.

​​​​​​​Continuous Improvement

• Contribute to the evolution of security testing methodologies, tools, and technologies.
• Monitor the cybersecurity threat landscape and emerging attacker techniques.
• Support cybersecurity awareness and simulation campaigns based on red team findings.

Qualifications

Qualifications / Certifications

• Education: Master’s / bachelor’s degree in information technology, Computer Science, Cybersecurity, Data Science.
• Certifications (One or more of the following strongly preferred): Minimum of CEH (Certified Ethical Hacker) certification or LPT (Licensed Penetration Tester).
• Any one ISACA related Certification (e.g. CISM, CISA, CRISC and CGEIT) * Added advantage.
• OSCP, CRTO, CRT, OSEP, CRTP, CRTE (Offensive Security Certifications) * Added advantage.
• GIAC Penetration Tester (GPEN), Red Team Professional (GRTP) * Added advantage.

Experience

• Minimum 5+ years of experience in cybersecurity, with at least 2 years focused on Red Teaming, offensive security, or penetration testing.
• Experience in cybersecurity risk management or security operations within regulated industries, preferably financial services.
• Prior experience in planning and executing Red Team/Purple Team exercises across diverse technological landscapes.
• Demonstrated success in delivering security risk assessments and providing technical recommendations.