Security Engineer II - Red Team (BAS)
Interactive Brokersabout 4 hours ago
Mumbai, IndiaMid Level / Senior
H1B Sponsor
Responsibilities
- Design, develop, and execute sophisticated phishing simulation campaigns tailored to organizational needs.
- Create and manage the technical infrastructure required for phishing simulations, including domains and servers.
- Develop realistic phishing email content and landing pages that reflect current threat actor tactics.
- Generate comprehensive phishing reports with metrics, findings, and recommendations.
- Track user susceptibility to phishing attempts and measure improvement over time.
- Collaborate with security awareness teams to develop targeted training based on simulation results.
- Configure and operate BAS tools to simulate various attack scenarios beyond phishing.
- Design realistic red team scenarios to test security controls across the organization.
- Troubleshoot technical issues with BAS tools and ensure proper execution of attack scenarios.
- Analyze BAS results to identify security gaps and control weaknesses.
- Provide recommendations for security improvements based on BAS findings.
- Stay current with emerging attack techniques and implement them in simulation scenarios.
- Document and maintain BAS procedures and playbooks.
- Collaborate with security teams to prioritize remediation efforts based on simulation findings.
- Contribute to the development of security policies and procedures.
- Maintain knowledge of current cybersecurity threats and attack methodologies.
- Participate in security assessment activities as needed.
Requirements
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent work experience).
- 3+ years of experience in cybersecurity with focus on phishing simulations and/or red team operations.
- Hands-on experience with BAS tools.
- Strong understanding of domain and server setup for phishing operations.
- Familiarity with DNS configuration, email authentication protocols, and web server management.
- Solid networking knowledge including TCP/IP protocols and network architecture.
- Experience operating BAS tools and understanding attack chain methodologies.
- Working knowledge of Vulnerability Assessment and Penetration Testing (VAPT).
- Creative approach to developing realistic attack scenarios and campaigns.
Benefits
- Competitive salary package.
- Performance based annual bonus (cash and stocks).
- Hybrid working model (3 days office/week).
- Group Medical & Life Insurance.
- Modern offices with free amenities & fully stocked cafeterias.
- Monthly food card & company paid snacks.
- Hardship/shift allowance with company provided pickup & drop facility.
- Attractive employee referral bonus.
- Frequent company sponsored team building events and outings.