Job Overview

 We are seeking a Security Analyst (Red Team) to join our dynamic Security Testing dream team and take lead in performing red teaming assessments.  Hands-on role that also requires oversight and collaboration with team of security analysts.

Job Responsibilities  Deliver Red Team Exercises  Conduct state-of-the-art penetration testing against web applications, network infrastructures, user workstations, network appliances and other devices and technologies.  Manual and automated security testing of Web applications, APIs, and Mobile Applications.  Static and Dynamic testing (SAST & DAST) of thick clients / applications  Develop Proof-of-Concept (PoC) for the identified vulnerabilities.  Provide remediation guidance to identified vulnerabilities.  Develop and execute security testing project plans.  Incorporate metrics providing comprehensive insight about the security posture of an organization that will help senior management with decision making.

Technical Skillsets (Mandatory)  Write offensive security software such as: backdoors, keyloggers, password dumpers, spear phishing payloads, and webshells  Knowledgeable about the cyber kill-chain, and can demonstrate that he or she can: persist on a machine, escalate privileges, steal credentials and move laterally on other machines  Find and exploit vulnerabilities in web applications, network services and enterprise network infrastructures  Write in at least two of the following programming languages: C, Golang, Ruby and Python  Experienced and knowledgeable in reading Java, C#, C, PHP, Objective C  Experienced with databases: MySQL, Postgresql, Oracle  Experienced with security tools: Burp proxy, Metasploit, Nessus, Kali, and others  Sound understanding of security frameworks (OWASP Top 10, NIST, MITRE ATT&CK)