What You’ll Do
- Plan and execute red team attack scenarios to test client staff, systems, and controls.
- Lead Purple Team exercises in conjunction with the SOC.
- Develop and enhance red team capabilities through leadership, strategy, tool or methodology development.
- Conduct network & application penetration tests.
- Perform advanced social engineering exercises to support other red team testing.
- Effectively communicate findings and risk to stakeholders and leadership
- Assist with scoping and managing third party assessments.
- Assist with mentoring and leading less experienced staff.
Who You Are
- 2+ years relevant offensive testing experience with a mix of both Applications and Infrastructure security
- Working knowledge of programming or scripting languages (Python, PowerShell, Golang, etc)
- Must have excellent interpersonal and communication skills.
- Experience with common Penetration Testing/AppSec Tools such as Kali, Metasploit, Burp, etc
- Experience with MS Windows system administration tools
- Have demonstrable knowledge and experience with MITRE’s ATT&CK framework and commonly used TTPs
- Certifications from Offensive Security and/or SANS, e.g. OSCP or GPEN, are a plus.