




Job Summary: We are seeking a Red Team specialist to simulate advanced threats against industrial infrastructures and OT environments, with a focus on enhancing the security of critical operations.

Key Highlights:

1. Design and execution of Red Team operations in industrial environments.
2. Development of custom offensive tooling and participation in Purple Team activities.
3. Access to realistic OT laboratories and high-impact projects.

DESCRIPTION

We are looking for a **Red Team specialist** focused on simulating advanced threats against **industrial infrastructures and OT environments**.

Your mission will be to **emulate offensive capabilities of sophisticated threat actors**, testing the resilience of complex industrial architectures, identifying compromise vectors in converged IT/OT environments, and directly contributing to improving the security of critical operations.

This role is intended for professionals who enjoy working in **technically demanding scenarios**, with the freedom to research, develop custom tooling, and execute advanced offensive campaigns.

### **Technical Responsibilities**

* Design and execute **full Red Team operations in real or simulated industrial environments**.
* Develop **initial access vectors** against corporate networks with pivoting into OT networks.
* Execute advanced techniques for:
  * Lateral movement across segmented networks.
  * Evasion of industrial controls and OT monitoring solutions.
  * Persistence in ICS environments.
  * Controlled exfiltration and simulation of operational impact.
* Assess security of:
  * **SCADA / DCS** systems
  * PLCs and RTUs
  * HMIs
  * Industrial gateways
  * Historians and engineering systems
* Manipulate and analyze industrial protocols:
  * Modbus / Modbus TCP
  * DNP3
  * OPC UA / Classic
  * Profinet / EtherNet-IP
  * IEC-104
* Simulate attacks such as:
  * Compromise of engineering workstations
  * Logical manipulation of PLCs
  * Sabotage of industrial processes (simulated and controlled)
  * Abuse of credentials and IT/OT trust relationships
  * Industrial supply chain attacks
* Develop **custom offensive tooling**, scripts, exploits, or modules for existing frameworks.
* Integrate C2 frameworks adapted to industrial networks with connectivity constraints.
* Participate in **Purple Team** exercises and validation of OT SOC detection capabilities.
* Generate in-depth technical reports and executive briefings oriented toward operational impact.

### **Expected Technical Stack**

* Solid experience with offensive frameworks (e.g., Cobalt Strike, Sliver, Mythic, etc.).
* Advanced penetration testing on Windows/Linux networks and complex Active Directory environments.
* Practical knowledge of industrial segmentation models and architectures.
* Network pivoting, tunneling, and covert channels in restricted networks.
* Basic reverse engineering of industrial firmware or binaries (advanced knowledge is a plus).
* Use of OT-specific tools (e.g., industrial traffic analysis, protocol fuzzing, etc.).
* Scripting in Python / PowerShell / Bash / Go or other relevant languages.

### **What We’re Looking For (Ideal Profile)**

* An **offensive-first and curiosity-driven** mindset.
* Ability to work with a high degree of technical autonomy.
* Real-world experience in **APT simulation or complex adversarial campaigns**.
* Interest in industrial cybersecurity research.
* Ability to balance offensive creativity with operational responsibility.

### **What We Offer**

* Access to **realistic OT laboratories and complex industrial environments**.
* Participation in high-impact projects within critical sectors.
* Dedicated time for research, tooling development, and enhancement of offensive capabilities.
* A strong technical culture and a senior, specialized team.
* A growth plan.


