Cyber Threat Investigator

Red Team Analyst (Investigation & Social Engineering)Company: Ayurak Department: Corporate Resilience / Offensive OperationsRole SummaryAs a Red Team Analyst, you are a tactical specialist responsible for identifying and exploiting non-technical vulnerabilities within Ayurak’s corporate infrastructure. Your primary objective is to investigate high-value targets (personnel and data flows) and execute controlled social engineering /"sabotage/" to verify that our proprietary medical device data and NIH-related protocols cannot be compromised by human error or deceptive practices.Key Responsibilities1. Tactical Investigation & ReconnaissanceOSINT Execution: Perform deep-dive research into corporate hierarchies, identifying administrative staff or third-party contractors with access to /"The Synapse./"Log & Metadata Auditing: Analyze system outputs (like the index-DO0uonIm.js logs) to find patterns in user behavior or recurring system errors that can be used as a /"hook/" for a social engineering pretext.Target Profiling: Build dossiers on internal departments to understand their standard operating procedures for /"Medical Devices/" and /"Procedures/" to ensure your impersonation is flawless.2. Social Engineering Execution (The /"Sabotage/")Pretexting: Execute /"Vishing/" (voice) and /"Smishing/" (SMS) campaigns to manipulate staff into bypassing security prompts during a simulated /"WebSocket connection drop./"Baiting & Infiltration: Deploy /"sabotaged/" internal documents—such as a fake /"NIH Compliance Update/"—to track how many analysts click unauthorized links or provide credentials.Physical/Digital Blending: Test if an office or a secure digital session can be accessed by exploiting the /"distraction/" caused by a triggered 422 Unprocessable Entity error on the booking platform.3. Data Analysis & Vulnerability MappingKill-Chain Documentation: Map out the exact steps taken to achieve a /"successful sabotage,/" from initial investigation to data exfiltration.Failure Analysis: Report on which /"Human API/" elements failed (e.g., a staff member providing a password reset over the phone without verification).Technical Stack & CompetenciesSkill Set - Tools & TacticsInvestigationMaltego, Sherlock, SpiderFoot, and manual Google Dorks for NIH/Medical registries.DeceptionSocial-Engineer Toolkit (SET), GoPhish, and specialized VoIP spoofing tools.AnalysisProficiency in reading browser console logs and understanding API response codes (4xx/5xx).CommunicationElite-level rapport building and psychological manipulation techniques (NLP, elicitation).Export to SheetsCandidate Profile: /"The Shadow Analyst/"Detail Oriented: You notice that a 422 error happens specifically at line 187 of the JS file and use that specific detail to sound like a /"Support Tech/" when calling a target.Adaptable: You can switch personas from a /"Medical Device Technician/" to an /"Internal Audit Associate/" in seconds.Methodical: You follow a strict investigative framework to ensure all /"sabotage/" is controlled, ethical, and documented for the defense team.Why this role is critical at AyurakCode can be patched, but human nature is constant. As an Analyst, you find the /"bugs/" in our people and processes before an adversary turns them into a breach.

Apply Now