Red Team Analyst (Investigation & Social Engineering)Company: Ayurak Department: Corporate Resilience / Offensive Operations
Role SummaryAs a Red Team Analyst, you are a tactical specialist responsible for identifying and exploiting non-technical vulnerabilities within Ayurak's corporate infrastructure. Your primary objective is to investigate high-value targets (personnel and data flows) and execute controlled social engineering sabotage to verify that our proprietary medical device data and NIH-related protocols cannot be compromised by human error or deceptive practices.
Key Responsibilities1. Tactical Investigation & Reconnaissance- OSINT Execution: Perform deep-dive research into corporate hierarchies, identifying administrative staff or third-party contractors with access to The Synapse.
- Log & Metadata Auditing: Analyze system outputs (like the index-DO0uonIm.js logs) to find patterns in user behavior or recurring system errors that can be used as a hook for a social engineering pretext.
- Target Profiling: Build dossiers on internal departments to understand their standard operating procedures for Medical Devices and Procedures to ensure your impersonation is flawless.
2. Social Engineering Execution (The Sabotage)- Pretexting: Execute Vishing (voice) and Smishing (SMS) campaigns to manipulate staff into bypassing security prompts during a simulated WebSocket connection drop.
- Baiting & Infiltration: Deploy sabotaged internal documentssuch as a fake NIH Compliance Updateto track how many analysts click unauthorized links or provide credentials.
- Physical/Digital Blending: Test if an office or a secure digital session can be accessed by exploiting the distraction caused by a triggered 422 Unprocessable Entity error on the booking platform.
3. Data Analysis & Vulnerability Mapping- Kill-Chain Documentation: Map out the exact steps taken to achieve a successful sabotage, from initial investigation to data exfiltration.
- Failure Analysis: Report on which Human API elements failed (e.g., a staff member providing a password reset over the phone without verification).
Technical Stack & CompetenciesSkill Set - Tools & Tactics
Investigation
Maltego, Sherlock, SpiderFoot, and manual Google Dorks for NIH/Medical registries.
Deception
Social-Engineer Toolkit (SET), GoPhish, and specialized VoIP spoofing tools.
Analysis
Proficiency in reading browser console logs and understanding API response codes (4xx/5xx).
Communication
Elite-level rapport building and psychological manipulation techniques (NLP, elicitation).
Export to Sheets
Candidate Profile: The Shadow Analyst- Detail Oriented: You notice that a 422 error happens specifically at line 187 of the JS file and use that specific detail to sound like a Support Tech when calling a target.
- Adaptable: You can switch personas from a Medical Device Technician to an Internal Audit Associate in seconds.
- Methodical: You follow a strict investigative framework to ensure all sabotage is controlled, ethical, and documented for the defense team.
Why this role is critical at AyurakCode can be patched, but human nature is constant. As an Analyst, you find the bugs in our people and processes before an adversary turns them into a breach.
