About The Position
Thrive is looking for a security engineer to join our Offensive Security team. This team focuses on advanced vulnerability management and Pentesting as a service and delivers strategic security insights to clients based on the findings of these services. This role will own the delivery of these services ensuring client satisfaction, timely and complete service delivery. The Manager will work closely with the team to ensure the services are being delivered to clients effectively, drive automation initiatives to help scale the services, and stay on top of industry’s best practices as well as new features available from the tools. Additionally, the Manager will act as an escalation point for internal teams at Thrive and the primary security contact for these services for the clients. This leadership position requires a strategic thinker with a commitment to maintaining high security standards and fostering client trust in our cybersecurity capabilities.
Requirements
- Solid understanding of network protocols, operating systems, application layer protocols, and security best practices.
- Understanding cybersecurity threats, and experience with incident response standards and procedures.
- Ability to communicate security information to non-technical people.
- Has a passion for Cyber Security.
- Demonstrates comprehension of good security practices
- Knowledge of risk assessment tools, technologies and methods
- Knowledge of penetration testing methodologies, frameworks, and tools
- Ability to analyze a large amount of data from various sources and use this information to solve complex problems and make good decisions.
- Must be able to work effectively in a team environment and collaborate within the team and other stakeholders.
- Excellent Written and Verbal Communication Skills
- Computer Networking & Security
- Vulnerability Discovery and Analysis
- Operating System Internals
- Familiarity with TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.).
- 3-5 years of experience executing penetration tests, writing reports and delivering report debriefs to clients.
Nice To Haves
- Knowledge of common Windows and Linux/Unix system calls and APIs
- Working knowledge of pentesting tools, such as Burpsuite, Metaspliot framework, Caido
- Knowledge of programming and/or scripting languages (i.e. Python)
- One or more of the following certifications or other relevant certifications: eJPT, PJPT, PenTest+, OSCP, GPEN, PNPT, CEH, Security+
Responsibilities
- Execution and analysis of vulnerability scans and determining remediation steps
- Execution and analysis of Penetration Tests (manual and autonomous), writing reports, and delivery of reports to client stake holders.
- Lead client meetings, offering expert advice and guidance as needed.
- Collaborate with clients to understand their business needs and requirements to best align remediation requirements to business outcomes.
- Creation and ongoing upkeep of materials documenting our security processes, procedures, and technologies, along with the generation of automated reports for relevant stakeholders.
- Update client Security presentations and discuss findings with our clients.
- Maintain a leading edge on security events and techniques to keep our clients aware of new threats and attack techniques.
- Other duties as required.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
Number of Employees
501-1,000 employees
