Over the past few years, we’ve read a lot of red team job postings. The vast majority of them were for pentesting positions. That’s well and good, but there’s a different, broader sort of red teaming we believe enterprises should also be conducting. We call it “strategic red teaming,” and it addresses security-related risks across the enterprise from a systems-oriented perspective. It involves much more than pentesting, and we believe more and more enterprises will adopt it in the near future. To aid enterprises in finding the right sort of person to lead a strategic red teaming position, we’ve created the notional job description below. (And just to be clear, we’re not hiring for this position; this is strictly notional—the sort of position we believe enterprises should be considering.)
Update: One wag on Twitter said something to the effect of “This looks like someone who’s looking for a job.” How true! That’s the point. Most red teamers I know have more work than they can handle but are still looking for something like this because they believe in it.
Strategic Red Team Director
This is an excellent opportunity for an experienced, forward-looking red teamer to build a world-class red teaming capability at a prominent global organization. The successful Strategic Red Team Director will lead the enterprise’s efforts in adopting and maintaining a system-wide view of threat-driven risks, with the goal of working with senior management to control these risks.
- Oversee the development of red teaming methods and activities within and across the enterprise, to include (but not limited to) the areas of business continuity, emergency management, supply chain security, information security, personnel security, operations security, and facilities security.
- Develop and manage a threat intelligence program to address threats relevant to the areas listed above.
- Build and maintain a comprehensive model of relevant, feasible threats to the enterprise.
- Educate senior management regarding the strengths, weaknesses, opportunities, and threats associated with strategic red teaming.
- Provide regular threat/risk briefings to senior management regarding issues raised by the red team. Present findings within a context of overall risk to the enterprise. Adjust red team activities and agenda based on senior management input.
- Work closely with existing infrastructure and security teams, both to receive input and to provide practical and actionable intelligence.
- Act as an adversarial counterpoint to security strategy proposals.
- Staff and manage a world-class red team (or teams). Taken as a whole, this team (or teams) should represent expertise across a complete range of the enterprise’s functions.
- At least 10 years of experience conducting red team assessments of high-consequence systems.
- Cross-functional security experience in at least two of the areas listed above.
- A bachelor’s degree in a technical field (master’s degree).
- Thorough understanding of concepts and principles related to security, strategy, management, and intelligence analysis.
- Ability to work productively with a variety of stakeholders (and their associated, sometimes conflicting interests) within the enterprise.
- Ability to work with and against internal resistance, and, as necessary, build consensus for red teaming within the enterprise.
- Ability to think and act both strategically and tactically, theoretically and pragmatically.
- Ability to collaborate and share knowledge within a fast-moving, multifaceted enterprise environment.
- Systems thinking.
- Systems analysis.
- Game theory.
- Intelligence analysis.
- Writing and presentation.
- Risk assessment.