Sr. Red Team Engineer

About The Position

Requirements

• 6 Years of information security experience including at least 2 Years in offensive security positions
• Effective knowledge and experience with tools and techniques used to conduct network, cloud, and web campaigns & exercises, as well as developing new exploits and executing them at scale
• Effective Knowledge of: Threat Modeling, Cloud Security, Cryptography, Authentication & Authorization, and Defensive security & detection techniques (including offensive evasion)
• Effective ability to write and maintain scripts and programs written in PowerShell, Go, and Python
• Strong, professional communication skills (written and verbal)
• Ability to present findings and recommendations to technical and non-technical audiences of all levels
• Bachelor’s degree with a relevant focus or equivalent experience
• Background Check & Drug Screen

Nice To Haves

• Experience with adversary emulation toolsets
• Effective ability to move from a single vulnerability to searching organization-wide for impact
• In-depth understanding of the following: MITRE ATT&CK, MITRE CAPEC, and the Cyber Kill Chain
• Experience with Mobile application testing and vulnerabilities
• Hands-on practical Offensive Cybersecurity certifications (OSCP, ePTX, GPEN, HTB CPTS, or equivalent)
• Cloud certifications (SAA/SAP, AWS Security Specialty, or equivalent)

Responsibilities

• Red Team campaigns and adversary emulation exercises.
• Purple-Team exercises and efficacy tests.
• Impact and Blast-Radius analysis of vulnerabilities and attacks.
• Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements.
• Report generation that clearly communicates campaign and exercise details, results, and remediation recommendations to internal teams.
• Work with internal Security partners to scope engagements and their objectives, as well as to identify complex vulnerabilities and prove real-world impact.
• Identify trends across Security Assessment findings, bug bounty reports, and enterprise vulnerabilities, and work to determine root cause and real-world impact.
• Occasionally support our internal Cyber Security Incident Response and Cyber Threat Intelligence Teams analyzing and replicating Emerging and Active Threats.
• Support the company's commitment to risk management and protecting the integrity and confidentiality of systems and data.

Benefits

• Competitive medical (PPO/HDHP), dental, and vision plans as well as company contributions to your Health Savings Account (HSA) or pre-tax savings through flexible spending accounts (FSA) for commuting, health & dependent care expenses.
• 401(k) Retirement Plan – Featuring a 100% Company Safe Harbor Match on your first 6% deferral immediately upon eligibility.
• Flexible Time Off for Exempt (salaried) employees, as well as generous PTO for Non-Exempt (hourly) employees, plus 11 paid company holidays and a paid volunteer day.
• 12 weeks of Paid Parental Leave
• Maven Family Planning – provides support through your Parenting journey including egg freezing, fertility, adoption, surrogacy, pregnancy, postpartum, early pediatrics, and returning to work.