Job Description
The Red Team Engineer is a key member of the Offensive Security team within the Global Cyber Security group.
Responsibilities
* Conduct comprehensive assessments of operational and technical security controls for enterprise applications and critical infrastructure.
* Determine the overall effectiveness of security controls to ensure they are implemented adequately, operating as intended, and producing the desired outcome.
* Interact with Application and Infrastructure SMEs, Program Management, Information Security Officers (ISOs), and System Owners.
* Apply technical expertise and understanding of IT controls in areas such as Access and Authentication, Data Security, Secure Software Management, Infrastructure Operations, Network Edge Protection, and Vulnerability Management.
Requirements
* Test enterprise defenses by attacking, detection avoidance, and preventing circumvention to determine level of risk and exposure.
* Perform full, detailed security risk assessments and penetration tests on high or critical business solutions.
* Ensure compliance of system and application security in accordance with corporate security practices/guidelines and relevant technology standards.
* Prepare final security assessment reports containing results and findings from the assessment.
* Conduct follow-up and assist with resolution of all findings, as needed.
Desired Qualifications
* Deep knowledge of attack frameworks, such as MITRE ATT&CK.
* Execute Vulnerability Scanning.
* Cloud Security Concepts.
* IT and Network infrastructure technologies.
* Familiarity with various penetration test utilities and tool suites.
* Ability to perform light programming tasks using common languages such as python and bash.
* Demonstrated ability to identify core issues and work with leaders and team members to resolution.
* Strong organizational, task switching, and prioritizing skills.
* Ability to work independently and solve challenging problems while collaborating with stakeholders.
* Knowledge and interest in current vulnerability related trends.
* Attention to detail.
* Driving to results.
* Collaboration and influencing.
* Working professionally with confidential information.
* Presentation skills, both orally and written.
* Ability to work well with others and under pressure.
* Demonstrated professionalism in approach to communicating ideas and solutions in simple language.
Experience Desired
* Bachelor's degree.
* 3+ years of network and/or application penetration testing experience.
* 5+ years of experience in security/systems/network engineering and/or development.
* CEH, OSCP, CISSP, or equivalent certification preferred.