Red Team Security Assessment Analyst

Job Description

Auto req ID: 200779BR

Job Description

The Red Team Member is responsible for executing tests, reporting findings, tool creation/selection, tool configuration, and maintenance of testing platforms. This candidate will work closely with all Cyber Fusion Center (CFC) functions and have interactions with project managers, functional teams, and IT delivery and support teams to conduct red team exercises and penetration testing efforts.

Role and Responsibilities

• Performs penetration testing and red teaming activities in line with the goal of discovering vulnerabilities, reducing response time to security events, and improving confidence in detections
• Collaborates with CFC teams to improve detection and identify vulnerable systems

• Supports senior Advanced Assessment team members on task as needed
• Reviews and defines project requirements according to established project timelines
• Participates in security reviews
• Creates and delivers findings to delivery and support teams including administrators
• Researches current trends and developments in red teaming/pentesting tools, techniques, and practices
• Establish project deliverables and priorities working closely with project management and Attack Surface Management leadership

Qualifications/Requirements

Bachelor’s Degree in Business Information Systems, Computer Engineering, Information Science, Computer Science (or equivalent) is required

2+ years experience in either incident response, digital forensics, malware analysis, pentesting, advanced security projects
• Technical proficiency with information security concepts and practices
• Good Linux and Windows server management experience
• Good HTML, PHP, and Java web coding experience
• General understanding of SOC operations
• Analytical, motivated, and self-confident with communication to users, IT partners, and managers
• Pre-existing familiarity with C2 software such as Cobalt Strike

Differentiating Competencies Required

• Information Security certifications such as OSCP, OSCE, GPEN, GWAP, GXPN, CISSP et. al. are well seen
• A self-driven and motivated individual with proven ability to contribute to the development of programs involving multitude of areas and stakeholders
• Communicates ideas or positions in a persuasive manner to influence others to align, motivate, and gain trust
• Experience in various security roles; comfort and confidence interacting with various levels of IT staff including leadership
• Ability to support weekend and off-hours activities when required
• Service oriented attitude

Relocation Eligible: Not Applicable
Job Type: Regular