Desjardins Group

Offensive Security Advisor – Red Team

PayCompetitive
LocationMontreal/Quebec
Employment typeFull-Time

This job is now closed

Apply to similar jobs

  • Job Description

      Req#: R2308249

      At Desjardins, we believe in equity, diversity and inclusion. We're committed to welcoming, respecting and valuing people for who they are as individuals, learning from their differences, embracing their uniqueness, and providing a positive workplace for all. At Desjardins, we have zero tolerance for discrimination of any kind. We believe our teams should reflect the diversity of the members, clients and communities we serve.

      If there's something we can do to help make the recruitment process or the job you're applying for more accessible, let us know. We can provide accommodations at any stage in the recruitment process. Just ask!

      Job Level

      NV-11

      Do technical challenges keep you awake at night? Do you want to constantly learn, analyze, understand things and leverage your experience, knowledge and expertise?

      Our Red Team needs an operator to perform adversary simulation and threat monitoring activities at Desjardins. In this role, you work with high caliber cyber defence and insider threat teams during activities requiring you to use modern and sophisticated offensive tools, in-house tradecraft and TTPs that you develop to effectively do your job.

      As an Offensive Security Advisor – Red Team, you help protect IT hardware, software and data against modification, destruction, and accidental or unauthorized disclosure. You also assist in authentication and access control by designing, administering and controlling proven security systems. You analyze IT system vulnerabilities and implement protective measures to back up, restore and secure systems.

      You lead practitioners on development projects and innovative, complex strategic initiatives, including the development of IT security standards and policies. Your initiatives require extensive, in-depth knowledge of your line of work.

      You make recommendations on the development and execution of projects and initiatives with a high degree of operational and conceptual complexity. You use your analytical skills and comprehensive, detailed knowledge of your line of business and the organization. Coordination is critical. You interact with many stakeholders working in a wide range of fields. Interpersonal savvy is therefore essential.

      You serve as a specialist advisor and subject matter expert, as well as a resource person and coach for decision-making bodies.

      We're looking for a team player with knowledge and experience of Terraform/Ansible infrastructure who can manage a project and stay organized.

      General Information on the Position

      Main responsibilities

      • Lead large-scale development projects, initiatives and activities in your specialty area that have a significant impact on the entire organization

      • Advise your clients and partners to help them position, plan, develop, select solutions for, execute and monitor strategic projects and initiatives under your responsibility

      • Develop and update policies, standards, models and programs to support your unit's strategic projects and initiatives

      • Identify and analyze major issues. Diagnose issues and make recommendations to decision-making bodies

      • Represent your unit before decision-making bodies

      • Represent Desjardins when making agreements with external partners and organizations


      Additional responsibilities

      • Design, develop and implement various attack chains for different levels of sophistication

      • Perform the research and development required to maintain and contribute to the team's tradecraft

      • Collaborate with the Desjardins cyber defence and insider threat teams to improve prevention, detection and response capabilities

      • Popularize, document and communicate detailed observations and recommendations

      Other working conditions

      • Work location: Montréal or Lévis, depending on the candidate's preference. The work arrangement for the position is hybrid work #LI-Hybrid

      • Number of jobs available : 1

      Qualifications

      • Bachelor’s degree in a related field

      • A minimum of eight years of relevant experience

      • Experience in offensive security as a Red Team operator and/or with stealth pentesting

      • Experience developing creative stealth tools and automating tasks in various programming languages

      • Experience operating with C2

      Please note that other combinations of qualifications and relevant experience may be considered

      • For vacant positions available in Quebec, please note that knowledge of French is required

      Specific knowledge

      • Proficiency in application security and infrastructure operations

      • Knowledge of modern evasive techniques (e.g., antivirus, EDR, NDR)

      • General knowledge of defence mechanisms and business controls

      • Familiarity with the MITRE ATT&CK framework

      • Advanced proficiency in French

      Why choose the Desjardins Red Team?

      • Possibility of flexible work location

      • Quarterly department meetings and in-person team activities (BBQ!)

      • Attack simulation against fearsome cyber defence teams

      • Personal-professional balance a core value

      • Join a team of 30 hackers backed by strong technical managers

      • Flexible training budget

      Desjardins invests in training its offensive security team by offering access to internationally-renowned conferences and training programs.

      As an example, here's the training list for our team over the last 12 months:

      • Adversary Simulation and Red Team Tactics by MDSec

      • Adversary Tactics: Red Team Operations by SpecterOps

      • Adversary Tactics: Tradecraft Analysis by SpecterOps

      • Adversary Tactics: Vulnerability Research for Operators by SpecterOps

      • An Analytical Approach to Modern Binary Deobfuscation by Arnau Gàmez i Montolio

      • Dark Side Ops 1: Malware Dev by NetSPI

      • Dark Side Ops 2: Adversary Simulation by NetSPI

      • Initial Access Operation by FortyNorth Security

      • Malware On Steroids by Dark Vortex

      • Modern Malware OPSEC & Anti-Reverse Techniques Implementation and Reversing by Dr. Silvio La Porta and Dr. Antonio Villani

      • Offensive Cloud Security by NCC Group

      • OSCP, OSCE, OSEP, OSED, OSWP by Offensive Security

      • Red Team Operator: Windows Evasion by Sektor7

      • Unplugged: Modern Wi-Fi Hacking by SensePost

      • Windows Internals by Paval Yosifovich

      • Windows Kernel Exploitation by Ashfaq Ansari

      Desjardins Cross-sector skills

      Action oriented, Customer Focus, Differences, Nimble learning

      Key competencies for the job

      Interpersonal Savvy, Strategic mindset

      Work Location

      1, Complexe Desjardins, Montréal

      Trade Union

      Non Syndiqué

      Unposting Date

      2023-12-24

      Job Family

      Information technology (FG)

      Desjardins Group is the largest cooperative financial group in Canada, and one of the largest employers in the country. It offers a full range of financial products and services and is home to a wealth of expertise in property and casualty insurance, life and health insurance, wealth management, services for businesses of all sizes, securities brokerage, asset management, venture capital, and secure, leading-edge virtual access methods.

  • About the company

      The Desjardins Group is a Canadian financial services cooperative and the largest federation of credit unions in North America.

Other job opportunities

apple home advisor remote
remote financial advisor jobs
chief information security officer remote jobs
cyber security jobs london remote
cyber security jobs remote
More information about Desjardins Group