Senior Threat Emulation Team Member

As a senior member of the Threat Emulation team within Admiral’s Cyber Security Department, you will be responsible for taking a leading role within the efforts of the Threat Emulation team on a day-to-day basis, providing technical leadership of workstreams/projects, driving initiatives and capability improvements and working closely with the Team Lead to achieve these aims as well as being expected to provide mentoring and coaching to other members of the team.

The Threat Emulation team are focused on understanding the threats that may target the business and assisting the Security Operations Centre in developing novel and effective detections for the Admiral estate along with ensuring that the people, processes and technologies are operating as effectively as possible using a variety of exercises conducted under both purple and red teaming approaches.

Main Duties 

The Team Senior will take an actively leading role in:

• Owning the delivery of Threat Emulation services through the full lifecycle, including taking responsibility for delivery of key projects and workstreams through to completion.
• Proactively analyse business needs, research; recommend solutions and drive their adoption.
• Identifying key opportunities to provide current and new security testing services across the business.
• Developing novel and innovative capabilities within the team.
• Performing post exercise or incident reviews and proposing resolutions using their subject matter expertise.
• Act as a point of escalation for the team and wider cyber department.
• Mentor and develop team members and peers.
• Define, develop and improve procedures, and processes for the team and wider operations department.
• Publish reporting and communications to key stakeholders, including briefings, presentations, control group calls/updates.
• Promoting the team’s services/achievements via information sharing opportunities e.g. Town Halls, Blog Posts, Cyber Security Awareness Days.
• Establish and maintain strong relationships across all of Admiral.
• Provide subject matter expert level consultancy services to teams across Admiral.
• Defining and ensuring application of risk mitigation strategies to ensure safe delivery of services provided by the Threat Emulation team.
• Manage technical escalations to a successful resolution.
• Take on responsibility for team management tasks when the Team lead/manager is unavailable.

In addition to the responsibilities already expected of a Threat Emulation Team Member, for example:

• Understanding the key risks the organisation faces, the tactics techniques and procedures that likely threat actors will exploit.
• Working collaboratively with wider Cyber Security teams.
• As a member of the Security Operations department, you will be expected to perform some “out of role” tasks such as conducting threat hunts to look for unidentified threats or new attack vectors or provide surge capability to incident response teams.
• Continue to stay updated on the changing threat landscape.
• Work with the third-party suppliers of our Security Products.
• Work with third-party security testing firms in a collaborative manner.

Experience required 

Essential 

• 3+ Years of delivering offensive security exercises.
• Highly responsive and proven professionalism in communication, interpersonal, analytical, and organizational skills.
• Experience of being a technical lead on security testing engagements.
• A strong technical background is required with in-depth experience in several of the following areas:
  • CI/CD Pipelines/DevOps
  • Cloud and Cloud Security (Specifically Azure and GCP)
  • LLM Security Considerations
  • Applications of AI in Offensive Security
  • Scenario/objective based Penetration Testing/Red Teaming
  • Purple Teaming
  • Microsoft AD, Entra and In-Tune
  • SASE technologies
  • Malware Development
  • Initial Access Vectors
  • Windows Post Exploitation
  • EDR/AV Evasion
  • Reverse Engineering & Malware Analysis
  • CBEST/STAR-FS, TIBER-EU and other frameworks
• An excellent knowledge of broader Information Security principles.
• Keen attention to detail and excellent analytical skills.
• Ability to actively manage workloads to meet business and department requirements.

Desirable 

• Competent skillset in scripting and programming common high-level languages, e.g. C#, Go, Bash, PowerShell, etc.
• A working knowledge of financial services and the typical business processes involved together with the threat actors and their relevant tactics, techniques and procedures.
• One or more technical Information Security Certifications such as:
  • GIAC Certification: GRTP, GXPN, GCPN, GX-PT, GDAT
  • Crest Certified Tester, Crest Certified Red Team Specialist
  • Cyberscheme Senior Security Tester, Cyberscheme Red Team Lead
  • Cyber Security Council Principal or above accreditation.
• Degree in an Information Security / Computing discipline.

Admiral: Where You Can

We take pride in being a diverse and inclusive business. It's a place where you can Be You, and show up as you are. We’re committed to fostering a people-first culture where everyone is accepted, supported, and empowered to be brilliant. You can, Grow And Progress at a pace and direction that suits you, Make A Difference for our customers and each other, and Share in Our Future with all colleagues eligible for up to £3,600 of free shares each year after one year of service.

Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave.

We’re proud of our people-first culture. In fact, we've been recognised as a Great Place to Work for Women, a Great Place to Work for Wellbeing, and an overall Great Place to Work for over 25 years! We’re fully committed to making sure your progression is not slowed or halted by barriers related to race, gender, age, sexuality or any of the protected characteristics.

Our fantastic benefits make sure our colleagues have a great work-life balance; You can view some of our other key benefits here.

Disability Confident Leader

As a Disability Confident Leader, for candidates with a disability or long-term health condition, that opt into the Disability Confident scheme, we’ll invite a fair and proportionate number of applicants that meet the essential requirements of the role to the first stage of our selection process.

If you need any adjustments or support with your application or during the recruitment process, just let us know. Please do email here or contact us on 07425324587. This number is dedicated to supporting candidates that require reasonable adjustments or support during the application process.

#LI-CS1