Senior Security Validation Engineer – Breach & Attack Simulation (BAS)

Riyadh Tax Free | 3 days ago | Full-time | External
Negotiable
We are seeking a highly skilled Security Validation Engineer to operate and manage the AttackIQ Breach & Attack Simulation (BAS) platform. The role is responsible for continuously validating the effectiveness of the bank’s security controls by simulating real-world cyber-attacks and mapping results against the MITRE ATT&CK framework. This position works closely with SOC, Incident Response, and Security Engineering teams to identify detection gaps and strengthen the organization’s defensive posture.

Key Responsibilities
• Operate, manage, and maintain the AttackIQ BAS platform.
• Design, execute, and manage continuous and scheduled attack simulations across network, endpoint, cloud, and hybrid environments.
• Validate the effectiveness of security controls including NDR, XDR, EDR, SOAR, firewalls, and SIEM.
• Map attack simulation results to the MITRE ATT&CK framework to identify coverage gaps and control weaknesses.
• Collaborate closely with SOC and Incident Response teams to improve detection, response, and remediation strategies.
• Analyze simulation outcomes and provide actionable remediation recommendations.
• Prepare and deliver monthly executive and technical reports on security control effectiveness and risk exposure.
• Support continuous improvement initiatives for security validation and threat detection capabilities.

Required Experience & Qualifications
• 3+ years of hands-on experience in Breach & Attack Simulation (BAS), security validation, red teaming, or adversary emulation.
• Practical experience with AttackIQ or similar BAS platforms.
• Strong working knowledge of the MITRE ATT&CK framework.
• Experience operating in enterprise or financial-sector environments is highly preferred.
• Solid understanding of modern cyber threats, attack techniques, and defensive controls.

Technical Skills
• AttackIQ scenario creation, execution, and customization.
• MITRE ATT&CK technique mapping and gap analysis.
• Strong understanding of adversary TTPs (Tactics, Techniques, and Procedures).
• Knowledge of NDR, XDR, EDR, SOAR, SIEM, and firewall technologies.
• Ability to analyze security telemetry and translate findings into business-focused insights.