This is a remote position.
The Castillian is engaged with a professional services and consulting firm client and is focused on the following tasks.
- Conducting extensive penetration tests across networks, applications, cloud environments, and infrastructure.
- Scanning the client's externally exposed websites and domains to identify security vulnerabilities, performing vulnerability assessments, and providing risk-based remediation recommendations.
- Leading Threat-Led Penetration Testing (TLPT) / TIBER engagements, working with financial institutions and regulatory bodies.
- Utilizing Threat Intelligence methodologies to simulate realistic attack scenarios.
- Producing detailed technical reports outlining findings, risk levels, and mitigation strategies.
- Collaborating with security teams, SOC analysts, and blue teams to improve defensive strategies.
- Staying updated on the latest attack techniques, tools, and industry best practices.
- Developing and deploying custom tooling and malware for Red Team engagements to improve the client's security posture.
- Guiding and mentoring junior team members on documentation, processes, and addressing technical queries.