Listing Description
Senior Adversarial Engineers drive the team forward as a more experienced technical engineer on the team. This position will take the vision of leadership, bring those ideas to the engineering team and formulate the action plans. As a more senior engineer, you will help clear any technical issues the team runs into that may affect the completion of a project. Associate Adversarial Engineers will look to this position for mentorship and guidance on how to advance their knowledge and career goals.
• Provide mentorship for Associate Adversarial Engineers and Adversarial Engineers.
• Conceptualize automation for lab environment to quickly pivot to a new testing format.
• Test and validate detections.
• Build Emulation plans and scenarios within the emulation tool.
• Document all activities during an emulation.
• Research and develop future emulation engagements
• Research current TTPs of malicious actors.
• Recommend training based on findings from completed emulation tests.
• Strong knowledge of Offensive Security practices and what is needed to drive the program forward.
• Develop processes and procedures surrounding the creation of new emulation testing.
• Experience utilizing penetration testing tools and how adversaries use them to create tactics, techniques and procedures common with current threat avenues.
• Strong understanding of defensive security practices to understand possible evasion tactics or techniques.
• Strong technical knowledge or experience developing in-house scripting, using interpreted languages such as Ruby, Python, or Perl, and compiled languages such as C, C++, C#, or Java.
• Knowledge of how SIEMs (such as QRadar, Splunk, LogRhythm, or AlienVault) and EDRs (such as CrowdStrike, Microsoft Defender for Endpoint, or Cybereason) function.
• Experience in developing attack Tactics, Techniques and Procedures (TTPs) using the MITRE ATT&CK Framework construct
• Ability to independently research new vulnerabilities in software products
• Familiar with fundamentals of software exploitation on modern operating systems
• Must have the ability to perform targeted penetration tests without use of automated tools
• Experience with common offensive tools and their functionality such as Metasploit, Medusa, Nmap, PowerSploit, Cobalt Strike, and Covenant.
• BA/BS in a related discipline, or equivalent experience.
• 3+ years of information security experience, preferably in intrusion detection and response, threat hunting, or red/purple teams
• Advanced knowledge of network, system, and web application attacks.
• Deep understanding of adversary techniques, the signals they generate and how to evade detection
• Expertise in tools and techniques for analyzing large sets of data
• Strong verbal and written communication skills
• Experience developing software automation solutions
• Proficiency in one or more high-level coding or scripting languages such as Python, PowerShell, JavaScript, Bash, C#, Go, SPL, SQL, C++, or C.
• Relevant industry certifications which demonstrate intimate familiarity with the cyber-attack lifecycle (e.g. GMON, GDAT, GCIH, GCFA, GREM, OSCP, CEH, GCIA, CCSP, CAP, CRISC, GWEB, GSSP, GPEN, GFSR, Splunk ESCA, CHFI).
• 3+ years' experience creating, analyzing and responding to security alerts from large scale, complex networks
• Experience with common offensive tools and their functionality such as Metasploit, Medusa, Nmap, PowerSploit, Cobalt Strike, and Covenant.
• Knowledge of malware packing, obfuscation, persistence, exfiltration techniques, knowledge of application reverse engineering techniques and procedures.
• Must have the ability to perform targeted penetration tests without use of automated tools
T0615, T0687, T0708, A0080, A0093, K0209, K0405, K0430, K0070, K0469
Listing Details
- Salary: $130,000 - $160,000
- Citizenship: Not Provided
- Incentives: Bonus
- Education: Not Provided
- Travel: No Travel
- Telework: Full Telecommute