Engineer, Offensive Cybersecurity

Responsibilities (including but not limited to):

· Performing external and internal network vulnerability assessments, penetration tests, and social engineering engagements.

· Creating and conducting technical reviews of various highly detailed cybersecurity testing reports.

· Researching and staying up to date with the latest penetration testing techniques, tools and methodologies.

· Either currently or in the future, perform white box risk assessments and penetration tests of cloud environments (Azure, AWS, GCP)

· Assisting with the development of various scripts, tools, and processes to help automate various pentesting processes.

· Presenting various penetration testing reports to customers and discussing nuanced technical recommendations, with the expectation of leading customer presentations within 3 months.

· Discuss with, collaborate with, and train teammates from the Cybersecurity Red Team around various tools and techniques associated with network penetration testing.

· Managing physical testing appliances (penboxes or security testing appliances). Duties include inventory management, device setup and configuration (scripts have been internally created), and, at times, shipping and receiving.

Skills:

· Critical and creative thinking to strategize how to add value to customer engagements.

· Ability to self-manage time and commitments.

· Strong attention to detail and well-organized.

· Highly motivated to continuously learn and innovate.

· Excellent verbal communication and written communication skills, especially when communicating complex concepts to non-technical audiences.

· Exceptional spelling and grammar skills for writing and proofreading documents.

· Comfortable scripting in Python, Bash, and PowerShell

· Familiar with Windows, MacOS, and Linux operating systems

· Familiarity and comfortability operating within the Linux operating system.

· A thorough understanding of the OSI model, the functionality of common protocols, and major relevant vectors of exploitation.

· A thorough understanding of the MITRE ATT&CK Framework and the Penetration Testing Execution Standard.

· Familiarity with the fundamentals of heuristic-based threat detection technologies such as IDS, IPS, EDR, XDR.

· Understand basic datacenter, cloud, and virtual networking concepts.

You'll love this job if you:

· Value, integrity, and honesty above all else in a non-negotiable way.

· Have a passion for the information security industry and helping people.

· Are capable of managing time efficiently and meeting deadlines with multiple concurrent projects.

· Are able to work within constraints and to challenge the status quo.

· Are able to self-direct work, orient to action, and truly own the position.

· Have a collaborative attitude and mindset with colleagues and team members

Qualificati