Offensive Security Analyst III

Robert Half, Inc. seeks Offensive Security Analyst III in San Ramon, CA: Job Duties: Support and enhance the daily operations of the Enterprise Information Security (EIS) organization. This role focuses on streamlining internal processes, driving automation, and advancing operational maturity. Lead penetration testing of company-owned application, networks, and systems. Lead web application and cloud discovery, enumeration, and exploitation. Execute red team and adversary emulation operational tasks and objectives. Experience balancing OpSec, stealth, and discipline to simulate realistic adversary behavior. Design red team scenarios aligned with threat intelligence and real-world adversary TTPs. Maintain operational security and evade detection by blue team defenses during engagements. Develop comprehensive and realistic countermeasures and recommendations. Assess and communicate the operational risks of exploitation to stakeholders. Create comprehensive testing plans and methods to find and confirm vulnerabilities. Scope and assess the time needed to complete operational testing tasks. Modify and adapt public exploit code and tools to meet operational requirements. Develop code, when necessary, to advance an operation or mature processes. Serve as a subject matter expert to operational defenders for offensive security topics. Provide expertise to security operations, threat intelligence, and forensics, as needed. Work independently and troubleshoot technical and business process related issues. Experience supporting a variety of different offensive engagements for a large enterprise. Ability to present complex topics, simply, to varying levels of the organization. Support and guide junior staff and virtual teams technically and professionally. Proactively identify and recommend process improvements when applicable. Drives innovation through continuous, self-directed learning and exploration. Telecommuting permitted: work may be performed from anywhere in the U.S. Minimum Requirements: Bachelor’s degree, or foreign equivalent, in Computer Science, Engineering, Cybersecurity, Information Security, or a closely related field plus one year of experience in the job offered or a related occupation. Special Skill Requirements: Combined IT and security work experience with a broad range of exposure to systems analysis, application development, database design and computer/network administration (1 year). Experience in conducting penetration testing of enterprise web applications, platforms, and systems including: Microsoft, Salesforce, and Peoplesoft (1 year). Experience using penetration testing security tooling, such as Kali Linux (1 year). Experience bypassing controls such as EDR, antivirus, or web application firewalls (1 year). Experience with EDR (Endpoint Detection and Response) (1 year). Experience with Vulnerability Management concepts (1 year). Experience with Entra and Active Directory discovery, enumeration, and exploit methods (1 year). Experience with operating system internals, best practices, and tools (1 year). Experience with command and control frameworks solutions such as Cobalt Strike (1 year). Telecommuting permitted: work may be performed from anywhere in the U.S. Any offer of employment is contingent upon successful completion of a background check. This position is eligible for our company’s Employee Referral Program.