Company Description
ABOUT IQ-EQ
We’re a leading investor services group offering end-to-end services in administration, accounting, reporting, and regulatory and compliance needs of the investment sector worldwide. We employ a global workforce of 5,800+ people across 25 jurisdictions and have assets under administration (AUA) exceeding US$750 billion. We work with 13 of the world’s top 15 private equity firms.
Our services are underpinned by a group-wide commitment to ESG and best-in-class technology, including a global data platform and innovative proprietary tools supported by in-house experts.
Above all, what makes us different is our people. Operating as trusted partners to our clients, we deliver intelligent solutions through a combination of technical expertise and strong relationships based on deep client understanding.
We’re driven by our group purpose, to power people and possibilities.
Job Description
The Purple Team Analyst is a key member of the Group Information Security function. This role operates directly under the Group Information Security Senior Manager and works at the intersection of offensive and defensive security.
The analyst is responsible for coordinating and executing hands-on red teaming, penetration testing, threat-driven security engineering, and validating defensive controls against real-world adversary techniques. The role requires strong expertise in Windows forensic analysis, including the ability to conduct full forensic acquisitions and investigations. The Purple Team Analyst must be able to build complete forensic timelines, interpret artefacts, and leverage offensive security knowledge to identify attacker behaviours, uncover persistence mechanisms, and reconstruct intrusion paths.
The ideal candidate is technically strong, collaborative, and passionate about IT Security R&D.
Key Responsibilities
1. Offensive Security & Red Teaming
- Execute and support red team operations, adversary emulation, and targeted penetration tests.
- Use frameworks such as MITRE ATT&CK to emulate TTPs and run realistic attack scenarios.
- Develop and maintain offensive tooling and payloads.
- Identify, exploit, and document security vulnerabilities across infrastructure, applications, and cloud environments.
2. Forensics & Incident Support
- Coordinate and lead forensic investigations, primarily eDiscovery and occasionally full forensic investigations.
- Conduct deep-dive analysis of Windows artefacts, including registry hives, event logs, prefetch files, shimcache, amcache, MFT, USN journal, LNK files, etc.
- Build detailed forensic timelines correlating multiple data sources to reconstruct attacker activity.
- Apply offensive security understanding to interpret artefacts, identify lateral movement, privilege escalation, and persistence techniques.
- Produce clear, defensible investigation reports suitable for legal, regulatory, or audit needs.
3. Collaboration, Reporting & Continuous Improvement
- Work in a highly collaborative environment with Red, Blue, and IT operational teams.
- Contribute to improving incident response readiness, tabletop exercises, and threat scenarios.
- Drive security-first behaviours across teams.
Qualifications
Required Experience & Skills
- You have 4–8+ years of experience in Red Teaming, Purple Teaming, Penetration Testing, or Security Engineering.
- You possess a strong understanding of adversary tactics, attack chains, privilege escalation techniques, and lateral movement.
- You have solid experience working with at least one major SIEM/XDR stack (Sentinel preferred).
- You are adept at validating security controls and detection logic using MITRE ATT&CK.
- You have hands-on experience using offensive tooling and scripting languages such as PowerShell, Python, and Bash.
- You have experience in digital forensics or providing support for forensic investigations.
- You are familiar with cloud security concepts, with a strong preference for Azure environments.
Soft Skills
- You communicate clearly and create well-structured documentation.
- You demonstrate strong problem-solving abilities and analytical thinking.
- You collaborate effectively with diverse and cross-functional teams.
- You maintain a security-first mindset and demonstrate high integrity in your work.
Preferred Certifications (Nice to Have)
- Offensive Security certifications: OSCP, OSCE, OSEP
- GIAC certifications: GCIH, GPEN, GCFA, GDAT
- Microsoft Security certifications: Azure Security Engineer, Security Operations Analyst
- CREST certifications: CRT/CCT or equivalent
Additional Information
At IQ-EQ we want you to reach your full potential. We offer an inclusive and diverse environment to support your career aspirations, with a strong emphasis on continuous learning and a holistic approach to your professional and personal development. We also offer opportunities across our service lines and our international network of offices.