Key Responsibilities:

📍Red Team Strategy & Execution 📍Lead and design sophisticated Red Team operations targeting Internet Computer Protocol, governance, subnets, nodes, and system dApps 📍Develop adversary emulation plans to test both platform and infrastructure defenses, identifying weaknesses before they can be exploited 📍Exploit Development & Vulnerability Research 📍Research, develop, and test advanced exploits against the Internet Computer Protocol and infrastructure 📍Maintain an internal repository of exploits, scripts, and tools for advanced offensive security operations Infrastructure Security 📍Strengthen the security of Internet Computer Operating Systems (ICOS) running on virtual machines by implementing advanced hardening measures 📍Perform vulnerability assessments and penetration tests on the ICOS environment and the overall Internet Computer infrastructure to identify and mitigate risks 📍Harden and assess security for internal Kubernetes clusters and associated services, ensuring robust defense mechanisms against container-based attacks 📍Perform security testing across cloud-native infrastructures, CI/CD pipelines, and microservices environments, identifying lateral movement paths and privilege escalation risks 📍Tool Development & Automation 📍Build and maintain custom offensive security tools for exploit delivery, post-exploitation automation, and Red Team simulations 📍Develop secure operational tools to streamline complex engagements and support security monitoring, threat detection, and incident handling 📍Partner with cross-functional teams, including blockchain developers, DevOps, and infrastructure engineers, to embed security best practices throughout the development lifecycle 📍Lead incident response efforts involving blockchain or internal systems, conducting thorough post-mortems and implementing mitigation strategies 📍Publish security advisories and report CVEs

Requirements:

📍Extensive experience planning and executing Red Team engagements in complex, distributed environments, simulating advanced persistent threats (APTs) across blockchain and traditional infrastructure 📍Skilled in adversary emulation, lateral movement techniques, privilege escalation, and exfiltration tactics 📍Proven experience in identifying and exploiting vulnerabilities specific to blockchain ecosystems, including distributed consensus mechanisms, smart contract execution, and inter-node communication 📍Strong understanding of kernel-level vulnerabilities, hypervisor security, and virtualized environments