Red Team and Verodin Lead (TS/SCI) - FireEye, Inc. Washington, D.C., USA Bookmark Share Print 1196 0 3

Listing Description

To ensure fastest possible review of your application, please apply via this link: https://smrtr.io/3YKvr

The Mandiant Consulting team is seeking a Red Team and Verodin Lead to support both federal government and commercial customers. The primary focus of this role will be to perform Verodin Mandiant validation assessments and other Red Team Operations (RTO) against customer’s infrastructure. In this role, the candidate is expected to be able to conduct hands-on penetration testing beyond automated tool validation, conduct scenario-based and functional security testing during authenticated and unauthenticated testing, assess associated coding against well established and universally accepted best practices, develop comprehensive and accurate reports and presentations for both technical and executive audiences, communicate findings and strategy to client stakeholders and technical staff, and assist with remediation activities during testing.

What You Will Do:

Perform Mandiant Validation using Verodin and perform various RTO, network penetration, web application testing, threat analysis, wireless network assessments and social engineering assessments

Develop comprehensive and accurate reports and presentations for both technical and executive audiences

Effectively communicate findings and strategy to customer stakeholders, including technical staff, executive leadership and legal counsel

Recognize and safely utilize attacker tools, tactics and procedures

Develop scripts, tools, or methodologies to enhance Mandiant’s red teaming processes

Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff

Ability to lead penetration tests and security assessments from kickoff through remediation, mentoring less experienced staffTop Secret clearance with SCI eligibility and the ability to undergo polygraph (if client requested)

Bachelor’s degree in an IT-related field or equivalent experience

Twelve years (12+) years of cyber security experience; Ten years (10+) years of experience in a penetration testing role, including:

Internal and external network penetration testing and manipulation of network infrastructure

Mobile and/or web application assessments

Email, phone or physical social engineering assessments

Shell scripting or automation of simple tasks using Perl, Python or Ruby

Knowledge of automated validation tools such as Verodin

Crown jewels of High Value Asset (HVA) assessments

Familiarity with application DevOps concepts, tools, and technologies

Mastery of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell

Knowledge of applications, database, Web server design, HTML, and implementation

Validate security weaknesses, research known attacks, develop custom tools and exploits, etc.

Understanding of Internet (HTTP, FTP, etc.) and network (SMB, TCP/IP, etc.) protocols

Knowledge of open security testing standards and projects, including OWASP

Experience with internal/external/web application penetration testing

Thorough understanding of network protocols, data on the wire and covert channels

Expertise consulting with executive and senior-level clients to define needs and issues, developing requirements and analyzing findings to recommend solutions

Superior interpersonal, communication, presentation and writing skills

Additional Qualifications:

Ability to travel up to 30%

Experience developing, extending or modifying exploits, shellcode or exploit tools

Experience developing applications in C#, ASP, .NET or Java (J2EE) desired

Experience reverse engineering malware, data obfuscators or ciphers

Assess compliance posture against regulatory requirements such as NIST SP 800-53, ATT&CK Mitre Framework, CSF, OWASP ASVS, and ISO 27001 desired

Experience performing database assessments including configuration, access controls, patch compliance and penetration testing desired

Offensive Security Certified Professional (OSCP), Offensive Security Certified Engineer (OSCE), Offensive Security Web Expert (OSWE), and/or SANS GIAC Web Application Penetration Tester (GWAPT) Certification desired.