Mandiant logo
Associate Penetration Tester - Red Team - Entry Level 2022 - Mandiant Alexandria, VA Bookmark Share Print 247 0 4

Listing Description


Job Description

A successful Red Team consultant at Mandiant should possess an understanding of both information security and computer science. They should understand basic concepts such as networking, applications, and operating system functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. This is not a “press the ‘pwn’ button” type of job; this career is technical and challenging with opportunities to work in some of the most exciting areas of security consulting on extremely technical and challenging work.  A typical job could be breaking into a segmented secure zone at a Fortune 500 bank, reverse engineering an application and encryption method in order to gain access to sensitive data, all without being detected. If you can exploit at scale while remaining stealthy, identify and exploit misconfigurations in network infrastructure, parse various types of output data, present relevant data in a digestible manner, think well outside the box, or are astute enough to quickly learn these skills, then you’re the type of consultant we’re looking for.

As a Mandiant consultant, you’ll get hands-on experience with complex problems on a daily basis. We help our clients protect their most sensitive and valuable data through comprehensive and real-world scenario testing. The objective doesn’t end at gaining “domain admin” or “root”; this is expected and is only a starting point.

You are expected to quickly assimilate new information as you will face new client environments on a weekly or monthly basis. You will be expected to understand all the threat vectors to each environment and properly assess them. You will get to work with some of the best red teamers in the industry, causing you to develop new skills as you progress through your career. Are you up to the challenge?

What You Will Do:

  • Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Effectively communicate and discuss findings and strategy with internal stakeholders including leadership and technical team members
  • Recognize and safely utilize attacker tools, tactics, and procedures
  • Develop scripts, tools, or methodologies to enhance Mandiant’s red teaming processes

Qualifications

Minimum Requirements:

  • 1+ years’ experience, via internships, classes, projects and similar, in at least three of the following:
    • Network penetration testing and manipulation of network infrastructure
    • Mobile and/or web application assessments
    • Email, phone, or physical social-engineering assessments
    • Shell scripting or automation of simple tasks using Perl, Python, or Ruby
    • Developing, extending, or modifying exploits, shellcode or exploit tools
    • Developing applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE)
    • Reverse engineering malware, data obfuscators, or ciphers
    • Source code review for control flow and security flaws
  • 1+ years’ exposure working with tools used for wireless, web application, and network security testing
  • Understanding of network protocols, data on the wire, and covert channels
  • Understanding of Unix/Linux/Mac/Windows operating systems, including bash and Powershell
  • Must be eligible to work in the US without sponsorship

Preferred Qualifications:

  • Prior experience in a technical security internship
  • Experience in security competitions, CTFs and/or testing platforms such as Hack the Box, TryHackMe, Overthewire, etc
  • Related projects around cybersecurity, programming, etc
  • Strong technical acumen and ability to quickly assimilate new information
  • Ability to successfully interface with clients (internal and external) and manage expectations of others
  • Ability to document and explain technical details in a concise, understandable manner

Additional Information

As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position is covered under Mandiant’s COVID-19 Vaccination Policy and therefore proof of vaccination against COVID-19 will be required as a condition of hire.

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765