Cyber Advisors

SUMMARY

The Red-Team Engineer Penetration Tester role is a mid-level consulting position within the Cyber Advisors Security Practice responsible for cyber security Red-Team leadership and penetration testing support. This position requires exceptional personal ethics, along with a sense of confidence, guile, and authenticity while exercising one’s ability to misdirect and pretext directly in the face of a client. The role also requires solid leadership in three or more of the following areas: vulnerability analysis, wireless penetration testing, cloud or infrastructure penetration testing, web or mobile application penetration testing, or other demonstrated advanced Red-Team or Purple-Team capabilities, while allowing for on-the-job growth in areas where the candidate is weak. The role will collaborate as needed on many internal and client-facing security projects, and operational security initiatives. The ideal candidate will also support the development and operational activities of junior-level cyber analysts and engineers while helping to grow the security team’s Red Team skillset, processes, and playbooks.

KNOWLEDGE, SKILLS, ABILITIES:

  • Reflect the highest possible ethical and moral standards of Cyber Advisors Security Practice
  • Possess a deep understanding of both information security and computer science
  • Firm grasp of networking, applications, and operating system functionality and concepts across diverse manufacturers
  • Willingness to learn advanced concepts such as application manipulation, exploit development, and stealthy operations
  • Continuously learn new Red-Team techniques and obtain Red Team-oriented certifications suitable to the practice
  • Proven capability and willingness to perform or assist in discovery, triage, remediation, and evaluation of threats
  • Mastery of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell
  • Willingness to take direction and accept appropriate critical guidance

RESPONSIBILITIES:

  • Conduct cybersecurity vulnerability assessments (Red Team activities) and Penetration Tests based on the client organization’s requirements
  • Rapidly assimilate the latest information and react to new client environments on a weekly or monthly basis
  • Understand all the threat vectors into each environment and be able to accurately assess them
  • Perform network penetration, web application, and/or mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments (phishing, vishing, pretexting)
  • Utilize standard formats to create comprehensive and accurate reports and presentations for both technical and executive audiences
  • Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
  • Recognize and safely use attacker tools, Tactics, Techniques, and Procedures (TTPs)
  • Recognize and be willing to quickly identify and report accidents, errors, and misjudgments
  • Develop scripts, tools, or methodologies to enhance Security Practice Red Team processes
  • Intellectual curiosity and the ability to learn new skills and enhance old skills quickly
  • Ability to conduct client engagements with little or no supervision
  • Desire to share knowledge and skills, and to mentor less experienced staff
  • Review and analyze cyber threats and provide SME support and training to junior level security analysts and engineers
  • Interact with and assist other Cyber Advisors teams within the NOC and MSP practice on time sensitive, critical investigations of Cyber Advisors clients

QUALIFICATIONS:

  • Must demonstrate 2-4 years' experience in the following:
    • Strong skills in email, telephone, and physical social-engineering assessments (phishing, vishing, pretexting) required
    • Network penetration testing and manipulation of network infrastructure and components required
    • Demonstrate ability to write and to communicate clearly and concisely
    • Demonstrate ability to explain complex technical concepts to a non-technical audience
    • Demonstrate ability to manage and prioritize multiple tasks, aggressive targets, and deadlines
    • Demonstrate understanding of priorities and effective work procedures; self-manage work time and prioritize multiple tasks and problems
    • Familiarity with NIST SP 800 series, CIS Benchmarks, COBIT, and similar controls standards
    • Understanding of NIST CSF, CMMC, ISO 27000, and other security frameworks

  • Prefer 2-4 years’ experience with three or more of the following skills:
    • Mobile application assessments and penetration testing
    • Web application assessments and penetration testing
    • Shell scripting or automation of basic tasks using PowerShell, bash, Perl, Python, or Ruby
    • Developing, extending, or modifying exploits, shellcode or exploit tools
    • Developing applications in C#, ASP, .NET, C, Java (J2EE), or other high-level language
    • Developing mobile applications in Objective-C, Kotlin, Java, or other language
    • Reverse engineering malware, data obfuscation apps, or ciphers and ciphertext
    • Source code review for application control flow and security flaws

EDUCATION AND CERTIFICATIONS:

The successful candidate will hold:

  • 2-4+ years’ experience in network or cyber security focused on Red-Teams and pen testing
  • Solid understanding of the Penetration Testing Execution Standard (PTES)
  • Relevant pen testing related certifications include one or more of CEH, GPEN, CPT, PenTest+, ECSA, CEPT, LPT, OSCP, or OSCE
  • Experience with DoD or LEO communities a plus
  • Active clearance a plus

WORKING CONDITIONS AND PHYSICAL EFFORT:

  • Must be responsive to client, company, and project emergencies
  • May require occasional out-of-state travel
  • This position includes both on-site and remote work activities and will require travel to the Maple Grove, MN, office on a regular (weekly or bi-weekly) cadence to be established with the manager
  • Ability and willingness to work from the office and from home as needed
  • Must be eligible to work in the US without sponsorship
  • Ability to travel up to 20%