Senior Security Consultant
About The Position
The Senior Security Consultant at DirectDefense will be a crucial member of our cybersecurity team. They are responsible for identifying security vulnerabilities within our clients’ environments and providing technical remediation guidance. This role involves conducting comprehensive penetration tests, performing detailed vulnerability assessments, and leading Red Team engagements to simulate sophisticated attacks. The ideal candidate will possess extensive technical expertise, a deep understanding of both offensive and defensive IT concepts, and the ability to communicate complex security issues effectively. With a focus on staying current with the latest vulnerabilities and technology trends, the Senior Security Consultant will develop and execute proof-of-concept exploits, create detailed reports, and recommend improvements to enhance clients' security postures. This position also involves mentoring junior testers and contributing to the development of innovative testing tools and methodologies.
Requirements
- 5-10 years of hands-on experience in network/infrastructure security and penetration testing.
- Extensive knowledge of offensive toolkits and techniques used in network/infrastructure penetration testing.
- Strong grasp of both offensive and defensive IT concepts, including common attack vectors and defense mechanisms.
- Proven ability to stay current with the latest vulnerabilities, technology trends, and threat landscapes.
- Exceptional ability to develop proof-of-concept exploits that accurately demonstrate identified vulnerabilities.
- Excellent written and verbal communication skills, capable of conveying complex security topics in a clear, concise, and understandable manner to diverse audiences.
- Ability to travel up to 25%
Nice To Haves
- Professional certifications such as OSCP and OSEP are highly preferred.
Responsibilities
- Conduct comprehensive penetration tests to identify security vulnerabilities, assess their impact, and develop actionable remediation strategies.
- Perform detailed vulnerability assessments and analyses of client networks, systems, servers, and other infrastructure components.
- Lead Red Team exercises to simulate advanced persistent threats and measure an organization’s readiness to detect, respond, and mitigate attacks.
- Stay up to date with the latest vulnerabilities, technology trends, threat landscapes, and offensive toolkits used in penetration testing. Apply this knowledge to enhance testing methodologies.
- Develop and execute proof-of-concept exploits to demonstrate the impact and severity of identified vulnerabilities.
- Create comprehensive, accurate, and detailed reports and presentations for both technical and executive audiences, clearly communicating findings, risks, and remediation recommendations.
- Design and develop scripts, tools, and methodologies to improve testing processes and efficiencies.
- Mentor and guide less experienced penetration testers, fostering a culture of continuous learning and professional development.
- Assist in scoping prospective engagements, managing client expectations, and lead engagements from kickoff through remediation.
- Evaluate and recommend improvements to clients’ security architectures, ensuring robust and resilient defenses.
Benefits
- 401(k)
- AD&D Insurance
- Dental Insurance
- Disability insurance
- Health insurance
- Life insurance
- Vision insurance
- Flex PTO program
- Paid certification and continuing education
- Opportunities for professional growth and development within the company.
- Access to training programs and certifications.
- Participation in industry conferences and workshops.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
