Job Description
Who we are looking for
The Red Team Engineer will perform as a member of the Offensive Security team within the Global Cyber Security group and will serve as a technical resource for penetration testing as well as an advisor on technical matters involving the security of information systems.
The Red Team Engineer will conduct comprehensive assessments of the operational and technical
security controls used by an enterprise applications and critical infrastructure. These assessments
help determine the overall effectiveness of the controls to ensure they are implemented adequately and correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system. The Red Team Engineer will interact directly with Application and Infrastructure SMEs, Program Management, Information Security Officers (ISOs), and System Owners. Application of technical expertise and a comprehensive understanding of the related IT controls are required, but not limited to the following areas: Access and Authentication, Data Security, Secure Software Management, Infrastructure Operations, Network Edge Protection, and Vulnerability Management.
What you will be responsible for
1. Test enterprise defenses; attacking, detection avoidance and preventing circumvention to determine level of risk and exposure.
2. Perform full, detailed security risk assessments and penetration tests on a wide variety of high or critical business solutions that include but are not limited to software, hardware, networks, and mobile devices as well as complex solutions that may include any number of the above configurations
3. Ensure compliance of system and application security in accordance with corporate security practices/guidelines and relevant technology standards.
4. Prepare final security assessment reports containing the results and findings from the assessment.
5. Conduct follow up and assist with resolution of all findings, as needed.
What we value
6. Perform Infrastructure and Application Penetration Testing
7. Deep knowledge of attack frameworks, such as MITRE ATT&CK
8. Execute Vulnerability Scanning
9. Cloud Security Concepts
10. IT and Network infrastructure technologies
11. Familiarity various penetration test utilities and tool suites
12. Ability to perform light programming tasks using common languages such a python and bash
13. Demonstrated ability to identify core issues and work with leaders and team members to resolution
14. Strong organizational, task switching, and prioritizing skills
15. Ability to work independently and solve challenging problems while collaboration with stakeholders
16. Knowledge and interest in current vulnerability related trends
17. Attention to detail
18. Driving to results
19. Collaboration and influencing
20. Working professionally with confidential information
21. Presentation skills, both orally and written
22. Ability to work well with others and under pressure
23. Demonstrated professionalism in approach to communicating ideas and solutions in simple language
Experience Desired
Education: Bachelor's
24. 3+ years of network and/or application penetration testing
25. 5+ years of experience in security/systems/network engineering and/or development
26. CEH, OSCP, CISSP, or equivalent preferred.