Talent.com
Senior Security Researcher, Adversary Emulation (GCS)

Senior Security Researcher, Adversary Emulation (GCS)

RBC - Royal BankToronto, ON
30+ days ago
Salary
CAD95000 yearly
Job description

Job Summary

Job Description

What is the opportunity?

RBC Adversary Emulation is looking for a Senior Security Researcher to join its team. We are seeking the right person with strong vulnerability research and exploit development experience.

In this role, you will lead red team capabilities development and work on complex operations with a dynamic group of driven offensive security professionals. You will also be exposed to industry-leading training and toolsets, ensuring you can operate effectively in a high-maturity environment.

This is a unique opportunity for a driven professional who enjoys refining their skills, consistently learning, and overcoming complex problems in a large enterprise environment.

What will you do?

  • Lead research and development of red team capabilities (create loaders, droppers, C2 channels, EDR bypasses, BOFs, toolkits, etc.).
  • Conduct vulnerability research and exploit development.
  • Participate in hands-on execution of Red Team Operations and Purple Team Exercises in mature production environments.
  • Contribute to maturing, optimizing, and evolving team services and functions.
  • Write code, collaborate, and overcome challenges.

What do you need to succeed?

Must-have

  • 3+ years of cybersecurity experience in vulnerability research, exploit development, or penetration testing.
  • Degree or Diploma in Computer Science or Cyber Security.
  • Strong software development or cybersecurity experience.
  • Proven cybersecurity experience (CVEs, research papers / blogs, conference talks, open source development or consulting experience).
  • Proficiency in Python, C#, and C / C++.
  • Experience with cloud-based services (Azure, AWS, GCP), source code management tools (e.g., GitHub), and CI / CD pipelines (e.g., GitHub Actions).
  • Critical thinking skills, ability to work with uncertainty and no documentation (we make computers and systems do things their developers did not intend them to do).
  • Interest in ethical hacking, red teaming, malware, and offensive cyber operations.

    • Nice-to-have

  • AI / ML Experience.
  • Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), Offensive Security Exploit Developer (OSED), Offensive Security Exploitation Expert (OSEE), GXPN, GPEN, GWAPT, or other reputable, technical, and offensive-focused certification.
  • Prior experience conducting red team exercises or covert penetration testing.
  • Financial industry experience is a strong asset but not required.

    • What's in it for you?

    We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

  • A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.
  • Leaders who support your development through coaching and managing opportunities
  • Ability to make a difference and lasting impact
  • Work in a dynamic, collaborative, progressive, and high-performing team
  • A world-class training program in financial services
  • Flexible work / life balance options
  • Opportunities to work with the best in the field

    • LI-POST

    LI-Hybrid

    TECHPJ

    Job Skills

    C (Programming Language), C# Software Development, Exploit Development, Information Security, Information Technology Security, Object-Oriented Software Development, Penetration Testing, Python (Programming Language), Vulnerability Research