Offensive Security Engineer - SimSpace Corporation Boston, MA; Washington DC Bookmark Share Print 1686 4 36

Listing Description

Do you think like an adversary, do you love to break into systems and enjoy penetrating and exploiting networks to reach a specified target? If so we are looking for experienced operators to join our Red Team. The Red Team is responsible for providing the Opposing Force during tests, training & exercises and will leverage the tools, tactics and techniques used by unsophisticated and sophisticated adversaries alike.

You will:

• Engage in live Red versus Blue engagements with defenders who will be working to repel the adversary from their network
• Assume the role of multiple adversaries to present varying levels of threat
• Develop attack plans to meet customer specified objectives and provide sufficient engagement to challenge the defenders while not being overwhelming
• Test and rehearse the attack techniques and tools prior to customer engagements to better ensure sufficient level of success
• Develop and deliver debriefs to identify the success or failure of each attack while providing constructive feedback to the defenders on areas where they may improve
• Strategize and coordinate with other Red Team operators to deconflict attacks and achieve the collective objectives
• Constantly research and refine tactics and techniques to bolster our capability
• Collaborate with our developers, providing feedback and assisting in the prioritization of attack tool development
• Automate attack sequences for use in diverse training venues
• Develop, test and deploy custom attack tools designed to fill specific Red Team needs
• Plan, develop, test and deploy individual and team training modules in the SimSpace training platform.

You have:

• Relevant certifications from organizations like Offensive Security (OSCP/OSCE), or SANS (GPEN, GXPN, GWAPT), or Equivalent experience with demonstrable requisite skills
• Ability to think "outside the box" during engagements, tying together disparate vulnerabilities or misconfigurations to achieve the goal
• Solid understanding of tactics and techniques used during offensive network operations and the ability to modify them to subvert defensive countermeasures
• Experience with multiple operating systems (Windows, Unix/Linux etc.)
• Knowledge of common system and network configurations, for multiple system types
• Solid understanding of networking, network protocols and their uses
• Experience/knowledge of defensive tools/techniques (IDS/IPS, Packet Capture, Network Analysis, IR, AV, EDR, etc.)
• Experience working with virtualization solutions

Your skills:

• Experience with the commonly used attack frameworks (Cobalt Strike, Metasploit, CANVAS, Empire, Core Impact, etc.)
• The ability to think and act as various adversaries during an engagement
• Strong communication skills
• Strong Python Programming Skills are required
• Programming ability with any of the following:
  
  • Scripted Languages (Ruby, PowerShell, Bash, Batch, PHP, etc.)
  • Compiled Languages (C/C++, Golang, etc.)