Principal Offensive Security Consultant, Red Team

In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business. We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.  

Our Offensive Security professionals are on a mission to make the world a safer place, one company at a time. We believe that our work to help our clients discover and remediate their unique security risks makes every one of us safer. Our clients trust us to use cutting-edge offensive security tools, creativity, imagination, and expert knowledge to find cybersecurity risks in their networks, systems, and software.

We're looking to grow our team of red teamers and penetration testers in [ India | Philippines]. We perform testing of web and smartphone applications, computer networks, cloud infrastructure, hardware devices, employees via social engineering, organizations via red team testing, and more.

At Kroll, your work will help deliver clarity to our clients’ most complex governance, risk, and transparency challenges. 

Apply now to join One team, One Kroll.

What you’ll do

As an Offensive Security Principal Consultant, you’ll be reporting to an Associate Managing Director in our Offensive Security team and deliver projects for some of the biggest enterprises in APAC, North America, and EMEA. You will lead and deliver red team engagements to clients across the globe. You will contribute to the tools, methodology, and knowledge repository for the global Red Team practice. You will mentor consultants and senior consultants on red team skills. Responsibilities include ensuring high quality delivery of services to the clients across the globe. 

In summary, you will 

• Lead the execution of red team engagements, network penetration test, and application security assessments as a thought-leader in the eyes of the client and your teammates
• Solution and scope engagements for our clients, including red team engagements
• Oversee the delivery of engagements to ensure that junior members of the team are able to deliver and exceed client expectations
• Author deliverables such as detailed reports and executive reports
• Engage with our clients to understand their requirements, update them on project status, answer their queries, and present your findings and recommendations
• Execute internal strategic initiatives to help our practice grow, adapt, and evolve
• Manage junior members of the team by conducting one-on-ones, providing feedback and coaching, and supporting their career growth

What you’ll need to succeed 

• Bachelor’s degree or college diploma in information security, computer science or engineering, software engineering, or IT/System/Network administration
• 7+ years in offensive security, with 2+ years in executing red team exercises
• Expert knowledge, and demonstrated application, of the MITRE ATT&CK framework and adversary TTPs, OSINT techniques, phishing and social engineering techniques, C2 infrastructure design, lateral movement, privilege escalation, EDR and AV bypass
• Familiarity with infrastructure-as-code enablement tools, such as Terraform or Ansible
• Familiarity with cloud environments, such as AWS and Azure 
• Familiarity with reverse engineering, Windows/Linux system administration, C programming, are an asset
• An appetite for self-directed learning and a willingness to venture into the unknown
• Generosity with your knowledge and patience with your apprentices
• Excellent oral and written communication skills
• A deep understanding of application penetration testing, cloud security, or red teaming
• The capability to build and cultivate relationships with clients and colleagues 
• A proven ability to lead and deliver information security assessments that don’t always come with a playbook

In order to be considered for a position, you must formally apply via careers.kroll.com.

Kroll is committed to creating an inclusive work environment. We are proud to be an equal opportunity employer and will consider all qualified applicants regardless of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability.

#LI-CJ2
#LI-Hybrid