Cyber Security Engineer
The College Board
Contract Reston, Virginia, United States Posted 4 months ago
About Position
Cyber Security Engineer (Contract)
$65.00 / Hourly
Reston, Virginia, United States
Skills
Amazon Web Services, Azure Active Directory, Burp Suite Pro, Cobalt Strike, Python
Nice To Have: Electron Framework, Outflank - Stage 1, Project Discovery Nuclei
Description
The Cyber Security Operations team is critical to the strategic foundation for delivery of our products, most notably the secure delivery of our new Digital SAT and AP programs. We are a highly motivated group of cyber security experts who take a proactive approach to ensuring a strong security posture. We partner across the organization to mature our Threat Management and Incident Response procedures and are constantly seeking and experimenting with new technologies. We are currently using a variety of cutting-edge tools that provide comprehensive cyber security operations for our critical infrastructure in support of our mission to connect students to college success and opportunity. We are committed to creating an inclusive environment where all team members feel valued, respected, and supported in their work. We welcome individuals from diverse backgrounds and experiences to join our team and contribute to our ongoing success.
Responsibilities
We are seeking a Red Team Operator who will play a critical role in strengthening our cybersecurity infrastructure. This individual will validate the effectiveness of our security controls and detection logic through offensive security operations and collaborative purple teaming exercises. Leveraging their understanding of threat actors, they will simulate potential cyber threats across our systems while documenting their findings and methodologies. This will provide invaluable insights into vulnerabilities and serve as a roadmap for improving our security measures. The operator will also need to communicate these results effectively to various stakeholders within the organization, ensuring leadership is aware of the potential threats and can take appropriate action to mitigate them. This work is crucial to protecting the College Board from potential cyber-attacks and ensuring the safety of our data.
In this role, you will:
- Conduct Offensive Cyber Security Operations: Execute covert operations to assess the organization’s security posture and readiness against cyber threats.
- Perform Penetration Testing: Conduct comprehensive assessments of the Digital Exam Player, web applications, and other systems using both manual and automated testing techniques.
- Engage in Purple Teaming: Facilitate collaborative exercises with internal Incident Response and Threat Hunt teams to enhance the organization’s defensive capabilities.
- Execute Multi-stage Attack Simulation: Coordinate with Red Team members to simulate attacks, including initial access, privilege escalation, lateral movement, and data exfiltration.
- Create Threat Mimicry: Mimic adversary tactics, techniques, and procedures (TTPs) to assess defensive capabilities and identify weaknesses.
- Conduct Security Control Evaluation: Evaluate the detection and response capabilities of security controls, such as SIEM, EDR, and network monitoring solutions.
- Investigate C2 Techniques: Research and integrate new C2 techniques and tools to evade detection and enhance operational capabilities. Monitor and analyze C2 traffic for anomalies and indicators of compromise (IOCs).
- Provide Technical Guidance: Provide technical expertise and guidance to the vulnerability management team on building custom scanning signatures and techniques. Also, guide threat hunters on adversary behaviors, attack techniques, and IOCs.
- Contribute to Culture Building: Foster a culture of collaboration and continuous learning within all Cyber Operations teams.
- Stay abreast of emerging threats and vulnerabilities affecting web applications or endpoints and incorporate them into assessment methodologies.
Educational Requirements
- A bachelor's in computer science or equivalent work experience
- 5 years in IT, with at least 1 year in offensive security
- Experience in Red/Purple team exercises and penetration testing
- Proficiency in C2 frameworks (e.g., Cobalt Strike)
- Certifications like CEH, OSCP, GWAPT, Sec+, or GIAC preferred
- Familiarity with open-source/commercial offensive security tools, and cloud-based attacker infrastructure deployment.
- Strong understanding of web application CWEs, OWASP Top 10, Threat Intelligence, and Threat Profiling
- Experience with IDS/IPS, SIEM, network defense tools, DLP technologies, network security architecture, and enterprise anti-virus/malware solutions
- Proficiency with Burp Suite and testing web applications and APIs
- Familiarity/experience with Electron framework preferred
- Ability to maintain discretion and integrity at all times
- Ability to work in the US without sponsorship