Security Engineer

Skills

Identifies threat vectors unique to the cyber-attack surface. Requires deep knowledge of attack vectors exploits network protocols and common mistakes Experience emulating adversary tactics techniques and procedures Conducting penetration tests against corporate assets Building and executing proof-of-concept exploits Experience with Hunt and SOC disciplines to hone detections Experience with Cloud Embedded Linux Physical Windows devices

Description

The Offensive Security Engineer roams the information environment, emulating adversary tactics, techniques, and procedures. Conducts scheduled penetration tests against corporate assets, builds and executes proof-of-concept exploits and continuously probes for weaknesses. This role requires deep knowledge of attack vectors, exploits, network protocols, and common mistakes. Primarily works with commercial, open source, and custom tooling to demonstrate how an adversary's actions can impact business operations. Guides and mentor's other contributors to red team positions. Leads development of new attack and reporting tools. Works closely with Hunt and SOC disciplines to hone detections.

Responsibilities

• Adversary emulation:
• Identifies weaknesses with high impact or probability of use. Illustrates how an adversary will interact, and the impacts of those interactions. Illustrates how an adversary will take advantage of company resources to use them against us. Participation in purple team events. Continuous improvement of tooling to evade detections. Conducts penetration tests against web applications. Exploits vulnerabilities in Cloud, Embedded, Linux, Physical, or Windows devices.
• Exploit Execution and Development:
• Customizes exploit code for known and emerging exploits (SR -- novel) Conducts emerging threat and threat landscape research. Conducts expert malware reversal and research.
• Company Expert Penetration Testing
• Provides expert guidance on how penetration testing can solve problems. Work closely with partners in Cyber and Technology to solve problems. Serves as the escalation point for cyber incidents, events, and malware research. Identifies threat vectors unique to the cyber-attack surface.
• Planning and Organizing
• Identifies & evaluates projects, products, and solutions to enhance threat detection and other capabilities. Provides expert guidance on highly complex, large projects to incorporate cyber and fraud detection capabilities and considerations. Participates in industry working and information sharing groups.
• Administration
• Keeps management informed of status of threats, the threat landscape, and current incidents and events through appropriate reporting. Actively participates on committees representing Cybersecurity. Keeps abreast of leading-edge technologies in the threat detection space.