GT ITS - Red Team

CIMB Malaysia
in Kuala Lumpur, Federal Territory, Malaysia
Permanent contract, Full-time
Perform Red Team exercises on CIMB systems (servers and network devices) to ensure compliance with regulatory requirements (RMIT) and the CIMB IT Standard.

Key Responsibilities

Planning and scoping
  • Define systems and processes that require assessment
  • Identify areas of concern to the CIMB organization: CIMB Critical Risk assets, Internet-facing assets.
  • Develop overall testing strategy and timeline.

Threat Intelligence
  • Threat intelligence input / feed: work together with the SOC / CTI team to identify threat actors relevant to CIMB.
  • Research major threat actors and attack techniques relevant to the CIMB organization and the assessment scope. This can be done with the internal CTI team.
  • Develop attack scenarios using data received from the threat intelligence team.
  • Tailor specific attack scenarios based on techniques used by attackers in real-life cases.
  • Perform Active/Passive reconnaissance on CIMB target assets
  • Propose attack scenarios and plans
  • Monitor and capture mirrored traffic. Analyse the network packet data from the sniffer.
  • Detect anomalies based on behavioural patterns
  • Identify malicious activity

Testing Setup
  • Define the objectives and detailed testing scope
  • Ensure the testing timeline and approach are agreed
  • Understand / analyse the inherent risk and propose action plans or controls that can be implemented to mitigate the risks. Ensure these are documented accordingly.
  • Come up with risk mitigation activities
  • Typically, create scripts and prepare the tools required to launch the attack.

Execution (Attack, Intrusion & Compromise)
  • Prepare infrastructure listing / host listing for attack execution
  • Obtain sign-off (if any)
  • Execute the attack scenarios that were discussed during threat intelligence.
  • Common focus points of attack execution: Reconnaissance, Information Gathering, Exploitation, Attack the target
  • Pivoting: using the first compromise to enable, and even aid, the compromise of other, otherwise inaccessible systems.

  • Analyse and compile the findings for reporting and send out draft findings to stakeholders for immediate rectification.
  • Plan for the deliberation to discuss the findings with stakeholders.
  • Subsequently, follow up with the team to ensure findings are remediated and prepare for revalidation.
  • Escalate to stakeholders if there is no feedback from the action owners.

(Basic Degree/Diploma etc)
  1. Bachelor Degree, Business Information Systems
  2. Diploma / Degree
  3. Diploma/Bachelor's Degree (Honours)
Professional Qualification and/or Regulatory, Licensing requirements
  • Certified Ethical Hacker
  • GIAC Assessing Wireless Networks (GAWN)
  • GIAC Web Application Penetration Tester (GWAPT)
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • Certified Red Team Operations Professional (CRTOP)
  • Certified Threat Intelligence Analyst (CTIA)
Relevant Work Experience
  • 5 years of experience in VAPT & Red Team
Required Competencies and Skills
(Essential to succeed in this job)

  • Develop Red Team processes and identification of risk
  • Oversight and appropriate delegation of key deliverables for assessments
  • Development of plans and strategies for tools, processes and overall assessment road map
  • Plan program design updates based on evolving threat intel
  • Create / develop tailored scripts for Red Team testing / exercises
  • Mentor and coach junior staff on a regular basis
  • Propose remediation strategies for systems with exposed vulnerabilities
  • Plan for deliberations with respective stakeholders
Travel Requirements (if any)
(Incl. typical destinations and duration)
  • On a case-by-case basis.
  • Travel within Klang Valley