The Cybersecurity Risk & Red Team Specialist is responsible for proactively identifying, assessing, and mitigating cybersecurity risks across the Equity Group through simulated attack scenarios and advanced threat emulation.
This role integrates offensive security practices with a thorough understanding of enterprise risk management, ensuring that vulnerabilities and process gaps are promptly identified and addressed.
The specialist will lead and execute red team exercises, contribute to security posture improvements, and support risk management initiatives to enhance the Equity Group’s cyber resilience against evolving threats.
Key Deliverables
Red Team Operations
Plan, lead, and execute red team assessments including web, mobile, network, cloud, and social engineering scenarios.
Simulate advanced persistent threat (APT) techniques, including lateral movement, privilege escalation, and data exfiltration.
Develop, document, and execute attack playbooks tailored to the Equity Group's environment.
Risk Identification & Management
Conduct cybersecurity risk assessments across applications, infrastructure, cloud environments, and third-party integrations.
Collaborate with stakeholders to assess the risk impact and develop actionable mitigation strategies.
Maintain a risk register and track remediation efforts through to resolution.
Security Testing & Validation
Perform vulnerability assessments and penetration testing of systems, applications, and APIs.
Validate the effectiveness of security controls, detection mechanisms, and incident response procedures.
Support purple team exercises by providing offensive techniques for defensive validation.
Reporting & Communication
Deliver detailed, actionable, and executive-friendly assessment reports.
Communicate complex technical findings to both technical and non-technical stakeholders.
Provide recommendations to enhance security controls, processes, and risk mitigation strategies.
Continuous Improvement
Contribute to the evolution of security testing methodologies, tools, and technologies.
Monitor the cybersecurity threat landscape and emerging attacker techniques.
Support cybersecurity awareness and simulation campaigns based on red team findings.
Qualifications
Qualifications / Certifications
Education: Master's / bachelor’s degree in information technology, Computer Science, Cybersecurity, Data Science.
Certifications (One or more of the following strongly preferred): Minimum of CEH (Certified Ethical Hacker) certification or LPT (Licensed Penetration Tester).
Any one ISACA related Certification (e.g. CISM, CISA, CRISC and CGEIT) * Added advantage.
