Job Descriptions
- Conduct highly complex offensive security operations testing consistent with known adversary tactics techniques and procedures and contribute to the development of objectives and approaches taken to remediate risk
- Document security issues and impacts identified through offensive operations in a clear and concise manner to facilitate reporting to impacted stakeholders
- Provide guidance and recommendations to stakeholders responsible for security remediation actions to close identified gaps and remediation validation testing
- Consult with defensive operations teams on adversary tactics to guide and mature cyber defensive countermeasures
- Independently handle complex issues with minimal supervision, while escalating only the most complex issues to appropriate staff
Qualifications
- Proficiency with leading commercial and open-source automated reconnaissance and penetration testing tools and services
- Ability to perform targeted penetration tests without use of automated tools
- Client-side code execution
- Intimately familiar with networking fundamentals (all OSI layers)
- Understanding of application design principals
- Knowledge of web application exploitation methodologies
- Ability to independently research new vulnerabilities in software products
- Familiar with fundamentals of software exploitation on modern operating systems
- Current knowledge of common threats as they relate to specific industries
- Ability to read and interpret common programming languages
- Excellent written skills, articulating highly technical topics to a wide range of audiences
- Effective organizational and inter-personal skills communicating with clients