SENIOR RED TEAM ANALYST JG4.

This role is in the CISO / Cyber Defence / Threat Intelligence / Offensive Security organization.IntroAs businesses leverage digitalization opportunities, their cyber-attack surface structurally increases, which can lead to business disruptions, data breaches and brand damage. High profile industry incidents show that these risks are real, and this has turned cyber resilience into a topic for Boards.Cyber-attacks can cause damage to reputations, destruction of assets and loss of information. Shell is taking action to detect and respond to the continuous flow of these types of attacks.Title: Sr. Red Team AnalystResponsibilities:As part of the CyberDefence Threat Intelligence capability, Sr. Red Team analyst has the following main areas of focus: Identify cyber threats, discover of IT/OT vulnerabilities, detect for cyber intrusions, and respond to security incidents and test our defenses. Understand the internal and external threat landscape, what threats to focus on and how these can be identified within Shell. Find unknown active cyber security threats within Shell and weaknesses in our security controls by applying data analysis techniques to large, diverse sets of internal and external data. Test if our security processes & controls provide the ability to protect, detect and respond to real cyber-attacks. Opportunity: This JG4 position will report to the Offensive Security Manager. The analyst will have the opportunity to conduct red, purple team assessments in a large complex IT/OT network infrastructure ?120K desktops and ?10K servers and applications spanning the globe and across cultures. The analyst will support all security testing activities to proactively identify weaknesses and help protect Shell from cyber-attacks. Where You Fit InThe Powering Progress strategy of Shell requires a competitive and flexible IDT organization. IDT remains uniquely positioned to integrate digital capabilities, enable significant automation and fully leverage data & innovation to drive business performance, create value and grow shareholder returns.As businesses leverages digitalization opportunities, their cyber-attack surface structurally increases, which can lead to business disruptions, data breaches and brand damage. Cyber-attacks can cause damage to reputation, destruction of assets and loss of information. Shell is acting to proactively to assess the threat landscape to identify and mitigate (un)known threats continuously. CyberDefence capability has specific focus to identify cyber threats, discovery of (un)known vulnerabilities, detect for cyber intrusions and respond to security incidents. CyberDefence is aiming to strengthen its proactive and reactive capabilities across people, process and technology and improve security posture with pro-active assessments and remediate technical gaps of Shell’s defenses. What is the Role?Within CyberDefence, the Red Team is a process-driven security function with the purpose of verifying the correct functioning of defensive tools, people, and processes. To help realize this capability, continuous security assurance improvements are made through awareness and exposure of critical weaknesses in our IT environment. The Red Team process is set up to work independently of the pen testing team in CyberDefence; where pen testing is aimed at finding and fixing vulnerabilities in the applications and services, the red team function is designed and set up to test the effectiveness of the security controls which include detection, visibility for monitoring, and incident capabilities.The Red Team member is part of the CyberDefence Threat Intelligence team and expected to collaborate with the Threat team, incident response team and security engineers to tune detection mechanisms and provide input to threat hunting attack hypotheses. Specifically, your role involves: Planning of specific Red Team scenarios, in alignment and coordination with the Leadership Team (LT) and in some (high profile) cases with support of the CISO LT. Assist with design of attack scenarios, implement, and maintain lab/tools/environment for testing. Perform controlled execution of attack scenarios against live systems to simulate real adversary tactics, conduct attack and vulnerability research, with the purpose to test the CyberDefence protection & detection capabilities with the aim to remain undetected. The Red Team member will work to evade, and therefore test the protection & detection mechanisms in place and will assist to address weaknesses with relevant stakeholders to uplift potentially discovered weaknesses. Assess and routinely adopt the tools and techniques of adversaries, leverage the understanding of attacks on other organizations, and mimic the work of adversaries to support training of our monitoring analysts. Produce high quality deliverables in terms of both content and presentation. Examples of deliverables include: communication protocols, proof of concept exploit code/scripts, reports, presentations and reasoned arguments to improve security posture. Engagement with CyberDefence LT members and specific functions to improve process, gain focus and prioritize systemic weaknesses identified for remediation, balancing risk, and impact with other ongoing activities. Update and maintain standard operating procedures across the capabilities within scope. Carry out assignments and projects, alone or as part of a team, applying knowledge, skills, and experience.