Senior Offensive Security Engineer Senior Penetration Tester Senior Security Analyst

Job Title: Senior Offensive Security Engineer / Senior Penetration Tester / Senior Security Analyst

Location: New York

Duration: Full Time Opportunity

Job Description:

Seeking a candidate to plan and execute penetration testing operations in collaboration with business partners CISOs BISOs GSOC and other stakeholders. The successful candidate will play a crucial role in testing the security program and identifying potential gaps in people processes and technology.

Responsibilities:

Plan lead and execute penetration testing engagements simulating threat actor roles during tests attack simulations training and exercises.

Utilize simulated adversary threatbased approaches to expose and exploit vulnerabilities improving the security of products and the technology landscape.

Replicate tactics techniques and procedures used by modern attackers including common network exploitation and penetration techniques and software exploitation.

Develop attack plans coordinating with Red Team Operators and 3rd Party vendors to achieve objectives.

Provide constructive feedback to defenders and product teams emphasizing successes and failures.

Develop modify and extend tools/exploits for security assessments including custom tools and automation.

Establish credibility as a trusted advisor to stakeholders and stay current with advanced attacks for application in red team activities.

Assist defensive and product teams in understanding how to detect and stop cyberattacks through purple teaming exercises and CTF demonstrations.

Contribute to groundbreaking research and promote an environment of innovation and knowledgesharing within the security enthusiast team.

Act as an individual contributor potentially overseeing those at earlier career stages and 3rd party reports in penetration testing engagements.

Effectively report analysis and findings using various formats such as written reports Jira tickets presentations etc.

Maintain and develop penetration testing processes and related artifacts.

Experience:

Bachelors Degree in Information Systems/Technology Computer Science/Engineering or equivalent field of study or a minimum of 5 years of cyber security experience.

Proven experience in Red Teaming and Penetration Testing.

Minimum 3 years of deep handson technical security experience including expertise in security technologies web applications cryptography social engineering opensource intelligence gathering (OSINT) mobile platforms software security and malware reverse engineering.

Deep technical understanding of enterprise operating system environments Active Directory and networking.

Strong understanding of security vulnerabilities and common software engineering flaws.

Familiarity with popular scripting languages and ability to automate simple tasks.

Familiarity with CNDbased analytical models (Kill Chain ATT&CK etc.).

One or more of the following security certifications preferred: OSCP OSCE OSEE OSWE CREST GXPEN.

Experience working with Financial Services and Critical Infrastructure including the CBEST TIBER iCAST CORIE AASE NYDFS and DORA testing parameters.

Strong verbal and written communication skills along with effective presentation skills.

Ability to thrive in a fastpaced environment with problemsolving and barrierbreaking skills.

Penetration Testing,JIRA,CBEST,Cyber Security