Lead Security Engineer – Red Team Lead
Day to day:
• Plan, communicate, coordinate and perform penetration tests and security assessments at application, system and enterprise level.
• Develop all Rules of Engagement, scoping documents and reports.
• Performs regular TTP Testing following the Mitre ATT&CK Framework.
• Perform manual penetration tests and validation of vulnerability scan results.
• Develop automation/scripts for replicating TTPs.
• Develop SOPs and architect all penetration testing and security assessment methodologies.
• Devises plans and scenarios for various types of penetration tests.
• Documents exploits and results in remediation and final report.
• Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities.
• Contributes to developing and implementing tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying risk.
• Selects, installs, and configures security testing platforms and tools or develop tools and procedures for vulnerability assessments and penetration tests.
• Performs vulnerability assessments using automated tools (Metasploit, Nmap, Nessus, Burp Suite, etc.).
What you'll bring to the team…
Bachelor’s Degree in Computer Science or related field
5 years of Information Security experience
Experience developing, executing, and maturing cyber security projects, programs, and process development
• Experience performing penetration tests or Red Team activities
• Experience with the following technologies:
• Kali Linux
• Burp Suite
• Programming or scripting knowledge
• Strong critical thinking, problem-solving, writing, and communication skills
• Ability to convey results to executive and non-technical stakeholders
It would be even better if you also had…
OSCP, GWAPT, GPEN, CISSP