Red Team Engineer

About The Position

Requirements

• 5+ years of experience in penetration testing and vulnerability assessments
• Bachelor’s Degree
• Experience with a variety of tools and techniques for conducting penetration tests and vulnerability assessments.
• Ability to work independently and as part of a team.
• An understanding of common security vulnerabilities (for example, web and operating system vulnerabilities)
• Capable of conducting penetration tests on applications, systems and network utilizing proven/formal processes and industry standards
• Strong understanding of network and application security
• Strong understanding of Active Directory
• Hold any of the following certifications: CEH, Pentest+, LPT, CEPT, GPEN, GWAPT, CPT, OSCP
• Strong process design, time management and organizational skills
• Strong work ethic, initiative, and ownership of work
• Proven ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Understanding of cybersecurity and the relationship between threat, vulnerability, and asset value
• An understanding of emerging technology and digital trends and their impacts on cybersecurity

Nice To Haves

• Ability to demonstrate proficiency with a programing or scripting language.

Responsibilities

• Lead and conduct comprehensive security assessments of systems, applications, and networks to identify vulnerabilities and recommend remediation.
• Analyze results and provide clear and concise reports to management and technical staff.
• Understand vulnerabilities and develop relevant exploits/payloads for use during Red Team activities.
• Stay up-to-date on industry trends and emerging threats, and proactively share knowledge with the team.
• Collaborate with other members of the Information Security team to ensure that our systems are secure and compliant.
• Design Purple Team exercises to validate detections and grow knowledge of other team members.
• Execute Open Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools.
• Perform security risk assessment, threat analysis and threat modelling.
• Stay on-time, on-budget, and within scope of testing activities.
• Debrief users and provide remediation strategy on findings.

Benefits

• medical
• dental
• vision insurance
• 401(k) with company match
• paid holidays and paid time off
• legal and counseling services
• flexible spending accounts
• disability and adoption benefits