IT Security Director

For further inquiries regarding the following opportunity please contact one of our Talent Specialists

Lavanya

1. Lead planning scoping execution and reporting of red team purple team and penetration test assessments involving client people processes and technologies.
2. Demonstrate expertise in simulating/emulating threat actor tactics techniques and procedures (TTPs) and reconnaissance social engineering cloud web application API infrastructure network and physical security testing techniques.
3. Demonstrate expertise in command and control (C2) and payload development and modification to circumvent network and endpoint security controls (e.g. EDR NDR etc.).
4. Develop and deploy tooling services infrastructure etc. as needed.
5. Collaborate with information security teams to improve prevention detection and response capabilities and provide guidance and support to teams risk managing assessment findings.
6. Improve operational efficiency and grow Ethical Hacking capabilities by building adapting evaluating and/or automating tooling infrastructure services processes procedures methodologies playbooks templates and knowledge bases.
7. Research and integrate the latest tools tactics techniques procedures and developments in vulnerability research exploitation privilege escalation defense evasion lateral movement and means of achieving objectives into new or existing capabilities.
8. Exhibit professionalism act ethically and with integrity operate securely and ensure consistent high quality practices/work and achieve business results in alignment with client strategies and productivity goals.
9. Perform other duties as required.

1. Indepth knowledge of methodologies frameworks tactics techniques procedures and tools that promote effective testing analysis and the ability to determine root cause and create solutions that resolve risk in the best interest of the business.
2. Proficient in the use of testing frameworks tools and scripting and development languages such as Kali Linux Cobalt Strike OST Burp Suite Docker etc.
3. Indepth knowledge of Active Directory Windows and Linux internals social engineering simulation/emulation planning and circumventing security controls.
4. Experience collaborating with developers administrators engineers architects and internal and external stakeholders to drive effective planning scoping execution and risk management.
5. Experience conducting penetration testing red team and/or purple team assessments as a consultant or a demonstrated ability to support multiple concurrent assessments.
6. Experience writing and delivering technical reports and performing technical review and quality assurance.
7. Indepth knowledge of MITRE ATT&CK OWASP CWE CVSS and secure system and software development practices.
8. Excellent communication skills (both written and oral); able to concisely communicate and present risk to both technical and nontechnical audiences.
9. Experience with AWS Azure GCP Kubernetes and/or cloud native technologies.
10. Contributions to the security community such as research public CVEs bugbounty recognitions opensource projects and blogs or publications desired.
11. Ability to travel as assessments and operations require (< 5%).

Bachelors Degree in Computer Science Cybersecurity Information Technology or related discipline or equivalent work experience.

Typically a minimum of five years of information security experience (red teaming purple teaming penetration testing cloud security and/or network security).

Typically a minimum of five years of experience with scripting or development languages (Python C C C# Go Nim Rust Bash SQL PowerShell assembly etc.).

Applicable certifications preferred (CRTL CRTO OSCP OSEP OSEE CRTP CRTE GPEN GXPN)

English( Speak Read Write )

Completed High School (Diploma or GED)(Minimum Reuired)

• MALWARE C# C ACTIVE DIRECTORY