Senior Technical Director

Posted:
3/23/2026, 2:05:36 PM

Experience Level(s):
Senior

Field(s):
AI & Machine Learning ⋅ Software Engineering

Workplace Type:
Remote

Ensign is hiring!

Key Responsibilities

A. Standard Service Delivery & Consulting (30%)

  • Advanced Assessment Execution: Leads complex cyber engagements, including objective-based Red Teaming, Purple Teaming, and tailored offensive security deliverables.
  • Technical Remediation & Advisory: Provides strategic advisory to C-level executives and technical teams, translating technical vulnerabilities into business risks and architectural roadmaps.
  • Engagement Management: Oversees teams of consultants during active engagements, providing technical leadership and expert guidance while ensuring adherence to testing methodologies and quality standards.
  • Quality Assurance (QA): Acts as the technical reviewer for deliverables, reports and code, especially for high-stakes and bespoke engagements.
  • Pre-Sales Support: Supports the sales lifecycle by defining technical scope, estimating effort, and developing methodologies for proposals (RFP/RFQ) related to high-end security services.

B. Capability Development & Engineering (30%)

Including but not limited to:

  • Agentic VAPT Platform Development: Builds an autonomous, offline-capable Vulnerability Assessment and Penetration Testing (VAPT) platform, involving designing multi-agent workflows where local LLMs autonomously plan and execute various engagement phases with human-in-the-loop supervision.
  • Bespoke Red Teaming Tools: Designs and develops custom Command and Control (C2) frameworks, implants and objective-specific tooling.
  • Security Research: Performs in-depth exploration to develop new techniques for security testing and red teaming, including EDR/XDR/AV bypass, novel persistence mechanisms and privilege escalation paths.
  • Security Testing Automation: Develops scripts, playbooks and automated workflows for conducting security testing more efficiently and effectively.
  • Infrastructure Automation: Develops "Infrastructure as Code" (IaC) to automate the deployment of attack infrastructure, redirectors, and phishing platforms.
  • Vulnerability Research: Conducts research into undocumented OS internals (Windows, Linux, macOS) to identify novel vulnerabilities including those for remote code execution and privilege escalation.

C. AI, Data Analytics & Research (20%)

Works with Ensign Labs to operationalise key Consulting capabilities in areas such as:

  • AI-Driven Security Operations: Leads research into the application of Machine Learning (ML) and Large Language Models (LLMs) for offensive and defensive use cases, including automated code de-obfuscation, generative social engineering, and anomaly detection.
  • Big Data Forensics: Utilises high-performance data analysis tools to analyse massive datasets (including IPFIX, DNS logs, and Active Directory events) for threat hunting and pattern recognition.
  • Adversarial AI Research: Investigates vulnerabilities in ML models, focusing on model poisoning, inversion attacks, and prompt injection, to develop auditing methodologies for client AI implementations.

D. Threat Intelligence Integration (20%)

Including but not limited to:

  • Threat Emulation: Analyses Threat Intelligence reports to extract Tactics, Techniques, and Procedures (TTPs) of specific Advanced Persistent Threats (APTs) and operationalises them into executable code for simulation.
  • Attribution Analysis: Applies data science techniques to correlate disparate Indicators of Compromise (IOCs) and fingerprint adversary infrastructure.
  • Knowledge Transfer: Mentors junior team members on emerging threats and advanced tradecraft, ensuring the wider practice remains current with the evolving threat landscape.

3. Qualifications & Requirements

Technical Skills

  • Offensive Security: At least 10 years of experience in penetration testing, red teaming, or vulnerability research.
  • Programming & Scripting:
    • Advanced proficiency in Python for automation, tool development, and data analysis.
    • Proficiency in low-level languages such as C, C++, or Rust for malware development and exploit engineering.
  • Data Science & Analytics:
    • Experience with data manipulation libraries.
    • Familiarity with vector databases, SQL, and analytical databases.
  • Reverse Engineering: Competence with disassemblers/debuggers and understanding of x86/x64/ARM assembly.
  • Operating Systems: Deep knowledge of Windows API, Active Directory internals, Linux kernel, or macOS system architecture.
  • Domains: Information/Operational technology, mobile, cloud, hypervisor, and IoT.

Professional Attributes

  • Communication: Exceptional technical writing skills and the ability to articulate complex security concepts to non-technical stakeholders.
  • Problem Solving: Demonstrated ability to navigate ambiguous problem spaces and drive research from ideation to working prototype.
  • Leadership: Experience mentoring technical teams and managing project timelines.

4. Education & Certifications

  • Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Data Science, or a related field (or equivalent practical experience).
  • Preferred Certifications:
    • Offensive Security: OSEP (Penetration Expert), OSEE (Exploitation Expert), OSCE.
    • SANS/GIAC: GXPN (Exploit Researcher and Advanced Penetration Tester).
    • Other: CISSP (for consulting credibility).

Ensign Infosecurity Pte. Ltd

Website: https://ensigninfosecurity.com/

Headquarters Location: Singapore, Central Region, Singapore

Employee Count: 501-1000

Year Founded: 2018

IPO Status: Private

Industries: Cloud Security ⋅ Consulting ⋅ Cyber Security ⋅ Identity Management ⋅ Information and Communications Technology (ICT) ⋅ Information Technology ⋅ Internet ⋅ Network Security ⋅ Penetration Testing ⋅ Professional Services