Red Team Associate Consultant - SkillBridge (Remote)

CrowdStrike

20h•Remote

About The Position

CrowdStrike's DoD SkillBridge / Career Skills Program (CSP) Internship is an approved SkillBridge Program under Dept. of Defense Instruction 1322.29 as enacted by 10 U.S.C. Sec 1143. Eligibility is restricted to members of the U.S. Armed Forces separating honorably with greater than 180 days of continuous Active Duty. SkillBridge/CSP period of eligibility is within the final 180 days of Active-Duty service, and the SkillBridge/CSP must be completed prior to separation from Active Duty in the U.S. Armed Forces. CrowdStrike’s DoD SkillBridge/CSP Internship is open to members of all services, and all ranks and experience levels. Service members should fully review SkillBridge/CSP Job Description for requirements and qualifications of the individual position. SkillBridge participants participate in full time training with industry (40-hour work week) under permissive temporary duty military orders and are not eligible for compensation from CrowdStrike during SkillBridge participation but will continue to receive all military wages and benefits as defined by the Department of Defense. DoD SkillBridge/CSP is fully compliant with FLSA, DBA, SCA, CSHSSA and all other pertinent Federal and State labor laws. For more employer information regarding DoD SkillBridge/CSP, please visit the Department of Defense DoD SkillBridge website at https://skillbridge.osd.mil/ The Red Team Consultant will perform dedicated Red Team activities simulating known threat actors, to help CrowdStrike customers determine the impact and likelihood of threat actors to accomplish objectives across the Kill Chain and MITRE ATT&CK Framework. The Red Team Consultant is expected to be able to coordinate with senior leadership, plan, execute assessments and assist the other CrowdStrike Services’ functions to help improve customers' security defense.

Requirements

Minimum 3 years of experience in a Red Team/Penetration Testing activities is highly preferred.
Security community participation (conference speaker, tool development contributor etc.) is highly preferred.
Advanced experience with security assessment tools (Metasploit, NMAP, Cobalt Strike, Nessus, Burp Suite, etc.).
Comprehensive understanding of the security methodologies, technologies, and best practices.
Windows / Linux / UNIX / Mac operating systems.
Advanced experience with Networking components (routers, switches, load balancers, wireless access points, etc.).
Comprehensive knowledge of firewalls, proxies, mail servers and web servers.
Advanced experience with operational support for operating systems, applications and networks.
Advanced experience with Red Teaming (vulnerability/penetration testing/adversary emulation assessments).
Advanced experience in automation and scripting of applications and systems.

Nice To Haves

Desirable Certifications: OSCP, GPEN, OSCE, GCIH, GXPN.

Responsibilities

Perform penetration assessments of operating systems, applications, databases and network infrastructure components to detect, enumerate threats.
Produce high-quality written and verbal reports, presentations, security-focused recommendations, and factual findings of results of Red Team activities to customer management.
Must be able to effectively communicate at all levels (executive leadership and technical support teams) within CrowdStrike.
Be a team player and lead/assist in developing and improving an information security program and information security resources.
Provide guidance using specialized knowledge and toolsets to operational teams during enterprise wide crisis scenarios, e.g. large-scale production service outages, outside of the routine change management process.
Must be able to work as an technical operator on various types of penetration testing offerings with an OPSEC mindset.