Offensive Security Analyst II

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Security or other related field preferred or 3+ years’ required experience in related field.
• 3+ years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, database design and computer/network administration.
• Minimum 2+ years experience in Information Security required.
• Basic experience using penetration testing security tooling, such as Kali Linux.
• Basic experience using Burp suite or similar web application hacking tools.
• Basic experience using command and control frameworks such as Cobalt Strike.
• Basic experience with programming/scripting languages: e.g. Python, PowerShell.
• Basic experience bypassing controls such as antivirus or web application firewalls.
• Basic knowledge of networking concepts protocols and encryption.
• Basic knowledge of Active Directory discovery, enumeration, and exploit methods.
• Basic knowledge of application security best practices and tools.
• Basic knowledge of operating system best practices and tools.
• Basic knowledge reading/writing/modifying malicious code.
• Excellent time management and ability to track and deliver on commitments.
• Excellent adaptability and ability to learn complex technical skills quickly.
• Excellent written and verbal skills.

Nice To Haves

• OSCP, CRTO, GPEN or other penetration testing or red team certification(s) preferred.

Responsibilities

• Perform penetration testing of company owned application, networks, and systems.
• Perform web application and cloud discovery, enumeration, and exploitation.
• Assist in red team operations and adversary emulation exercises.
• Assess and communicate the operational risks of exploitation.
• Create testing plans and methods to find and confirm vulnerabilities.
• Scope and assess the time needed to complete operational testing tasks.
• Modify and adapt public exploit code and tools to meet operational requirements.
• Utilize and develop automation where possible to save time and gain efficiency.
• Serve as a subject matter expert to the organization for offensive security topics.
• Provide expertise to security operations, threat intelligence, and forensics, as needed.
• Work independently and troubleshoot technical and business process related issues.
• Experience supporting a variety of different offensive engagements for a large enterprise.
• Ability to present complex topics, simply, to varying levels of the organization.

Benefits

• group health insurance benefits (medical, vision, dental)
• FSA and HSA healthcare accounts
• life and accident insurance
• adoption and fertility assistance
• paid parental leave of up to 6 weeks
• short/long term disability
• paid time off for vacation, personal needs, and sick time
• up to 11 paid holidays per calendar year
• 401(k) savings and investment plan or deferred compensation plan (if eligible), with an employer match of 100% on the first 3% of your contributions for eligible employees.