• CSNP

Why Should You Pursue a Position With a Red Team?



Author David McHale


With the current climate in IT, and business in general, a lot of people are starting to look at a career in cybersecurity. As one of the fastest-growing fields, it opens up many new and exciting opportunities every day. Cybersecurity is an incredibly diverse field that includes everything from data monitoring to ethical hacking. One such career is as a penetration tester on a Red Team.


What is a Red Team?


Smart companies know that in order to keep the lights on, you have to have a good security posture. While much can be done with traditional defensive tactics and monitoring, there are still many security holes that tend to pop up as new technologies spread and old ones are put through the wringer. How can a company be proactive and test for such situations? Enter the Red Team.


A Red Team’s sole responsibility is to mimic the attacker. It is their job to explore every aspect of a network, device, application, and more, with the mindset of a hacker. A Red Team engineer may find themselves using custom gear to break into a network, social engineering their way into a secure location, or phishing the management teams for credentials or other sensitive information. It’s all about simulating as many attack vectors as possible, in order to reveal the vulnerabilities of an organization.


On top of these operations, a Red Team also provides another incredibly important function: reporting on security vulnerabilities. These reports are filled with tremendously important information, and often detail not only the vulnerabilities themselves, but how they were exploited and what can be done to fix them. This information can be the difference between life and death for an organization.


So how can I join one?


Getting into a study course immediately is your best course of action. Start studying for an entry-level security certification like the CompTIA Security+. Having a set of goals in mind for your studying will provide a clearer path to follow, as well as some much-needed motivation to stick with it. However, certifications are not the only measure of a Red Team engineer.


While security courses and certifications will certainly provide you with a great base and credentials that will get your foot in the door, it really comes down to ability. Red Team engineers are expected to have a decent working knowledge of many aspects of not only cybersecurity, but information technology itself. Exploring other areas like programming and networking will provide you with the kinds of skills that will set you apart and help you thrive.


Once you have a decent knowledge base, and have a basic certification under your belt, you might want to look at some of the more advanced certifications to boost your knowledge and appearance as a professional. Here are a few of the more recognizable certifications you could benefit from:

One thing to note: even after you’ve built up your skills and acquired the certifications, the learning is not over. Any security engineer who sits on their hands instead of continuing their education through self-study, practice, and keeping up with current technologies will quickly become obsolete. Have some security hobby projects, and keep up with the news.


Is Red Teaming the End of the Line?


Nope, far from it. While some people choose to do this work for the majority of their career, it doesn’t have to be the last job you ever hold. Being on the front lines of the cybersecurity world gifts you not only a wealth of knowledge, but a very unique and valuable perspective of how security should work and be treated in a wide variety of organizations.


These combined assets will put you at the front of the line for middle- and upper-level positions further down the road. You may easily find yourself getting promoted to an Information Systems Security Officer (ISSO) position, or some other technical management role. It’s also very common to find bigger positions in the startup world, like Chief Information Security Officer. It’s all about sticking with it and doing plenty of networking (the social kind).


Conclusion


Being a Red Teamer is possibly one of the most exciting tech careers you can choose. The experience you’ll gain from pursuing this field will benefit you for the rest of your life. Because you’re basically forced to be a jack of all trades (master of some), the opportunities that can arise from this career are nearly endless. If you’re interested in it, give it a shot! It may be intimidating from the outside, but it’s entirely doable with time and dedication.


About the Author: David McHale is a DevSecOps Architect and InfoSec Educator, Founder at HailBytes, Director of Security and Infrastructure at Kno2.