Red-Team Engineer - Penetration Tester

SUMMARY

The Red-Team Engineer Penetration Tester role is a mid-level consulting position within the Cyber Advisors Security Practice responsible for cyber security Red-Team leadership and penetration testing support. This position requires exceptional personal ethics, along with a sense of confidence, guile, and authenticity while exercising one's ability to misdirect and pretext directly in the face of a client. The role also requires solid leadership in three or more of the following areas: vulnerability analysis, wireless penetration testing, cloud or infrastructure penetration testing, web or mobile application penetration testing, or other demonstrated advanced Red-Team or Purple-Team capabilities, while allowing for on-the-job growth in areas where the candidate is weak. The role will collaborate as needed on many internal and client-facing security projects, and operational security initiatives. The ideal candidate will also support the development and operational activities of junior-level cyber analysts and engineers while helping to grow the security team's Red Team skillset, processes, and playbooks.

KNOWLEDGE, SKILLS, ABILITIES:

• Continuously learn new Red-Team techniques and obtain Red Team-oriented certifications suitable to the practice
• Willingness to take direction and accept appropriate critical guidance
• Possess a deep understanding of both information security and computer science
• Reflect the highest possible ethical and moral standards of Cyber Advisors Security Practice
• Firm grasp of networking, applications, and operating system functionality and concepts across diverse manufacturers
• Willingness to learn advanced concepts such as application manipulation, exploit development, and stealthy operations
• Mastery of Unix/Linux/Mac/Windows operating systems, including bash and Powershell
• Proven capability and willingness to perform or assist in discovery, triage, remediation, and evaluation of threats

RESPONSIBILITIES:

• Understand all the threat vectors into each environment and be able to accurately assess them
• Rapidly assimilate the latest information and react to new client environments on a weekly or monthly basis
• Conduct cybersecurity vulnerability assessments (Red Team activities) and Penetration Tests based on client organization's requirements
• Recognize and safely use attacker tools, Tactics, Techniques, and Procedures (TTPs)
• Intellectual curiosity and the ability to learn new skills and enhance old skills quickly
• Ability to conduct client engagements with little or no supervision
• Utilize standard formats to create comprehensive and accurate reports and presentations for both technical and executive audiences
• Recognize and be willing to quickly identify and report accidents, errors, and misjudgments
• Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
• Develop scripts, tools, or methodologies to enhance Security Practice Red Team processes
• Desire to share knowledge and skills, and to mentor less experienced staff
• Perform network penetration, web application, and/or mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments (phishing, vishing, pretexting)

• Interact with and assist other Cyber Advisors teams within the NOC and MSP practice on time sensitive, critical investigations of Cyber Advisors clients
• Review and analyze cyber threats and provide SME support and training to junior level security analysts and engineers

QUALIFICATIONS:

• Strong skills in email, telephone, and physical social-engineering assessments (phishing, vishing, pretexting) required
• Must demonstrate 2-4 years' experience in the following:
• Network penetration testing and manipulation of network infrastructure and components required

• Demonstrate ability to explain complex technical concepts to a non-technical audience
• Demonstrate understanding of priorities and effective work procedures, self-manage work time and prioritize multiple tasks and problems
• Demonstrate ability to manage and prioritize multiple tasks, aggressive targets, and deadlines
• Demonstrate ability to write and to communicate clearly and concisely

• Understanding of NIST CSF, CMMC, ISO 27000, and other security frameworks
• Familiarity with NIST SP 800 series, CIS Benchmarks, COBIT, and similar controls standards

EDUCATION AND CERTIFICATIONS:

The successful candidate will hold:

• Solid understanding of the Penetration Testing Execution Standard (PTES)
• Active clearance a plus
• Relevant pen testing related certifications include one or more CEH, GPEN, CPT, PenTest+, ECSA, CEPT, LPT, OSCP, or OSCE
• Experience with DoD or LEO communities a plus
• 2-4+ years' experience in network or cyber security focused on Red-Teams and pen testing

WORKING CONDITIONS AND PHYSICAL EFFORT:

• This position includes both on-site and remote work activities and will require travel to the Maple Grove, MN, office on a regular (weekly or bi-weekly) cadence to be established with the manager
• Must be responsive to client, company, and project emergencies
• May require occasional out-of-state travel
• Ability and willingness to work from the office and from home as needed

• Must be eligible to work in the US without sponsorship
• Ability to travel up to 20%

• Developing, extending, or modifying exploits, shellcode or exploit tools
• Developing mobile applications in Objective-C, Kotlin, Java, or other language
• Shell scripting or automation of basic tasks using PowerShell, bash, Perl, Python, or Ruby
• Web application assessments and penetration testing
• Developing applications in C#, ASP, .NET, C, Java (J2EE), or other high-level language
• Reverse engineering malware, data obfuscation apps, or ciphers and ciphertext
• Prefer 2-4 years' experience with three or more of the following skills:
• Mobile application assessments and penetration testing
• Source code review for application control flow and security flaws