Report this job

---

What is the problem? *

Incorrect company
Incorrect location
Job is expired
Job may be a scam
Other

Position: Cyber Security Analyst

City & State: Owings Mills, MD (Intial Remote)

Position Type: Contract to Hire

Job Description:

As a member of the red team, plan and execute realistic adversarial threat emulation exercises by safely replicating the tactics, techniques, and procedures of threat actors. Using an automated attack platform, you will help our defenders continuously assess their real-world security. You will help contextualize and report findings to leadership.

• Work with Cyber Threat Intelligence, as well as business units, to develop red team attack scenarios consistent with the current threats to the business
• Work with other teams to ensure a smooth execution of testing activities (e.g. red/purple teaming, etc.)
• Provide technical findings and executive reports which highlight and clearly articulate identified strengths, gaps and opportunities
• Utilize skills, knowledge, and experience to be a catalyst for threat centric organizational change
• Use automated attack platform provides a red team experience designed to mirror today's adversaries
• Discover, identify, and exploit vulnerable systems
• Plan and execute network operations against customer infrastructure
• Research threats, vulnerabilities and exploit techniques
• Provide guidance and offense-related insights
• Working with relevant risk teams, contribute to the company's efforts in adopting and maintaining a system-wide view of threat-driven risks
• Identify opportunities to leverage and operationalize existing security investments while also identifying gaps in our defenses and recommending new technologies

Requirements

• 4 + years' offense-related experience with demonstrable hands-on experience executing penetration testing / red team testing assessments of high-consequence systems.
• Experience with offensive tooling and frameworks
• Excellent technical knowledge in security related domains.
• In depth knowledge of enterprise architectures and operations and detailed and up-to-date knowledge of threat and vulnerability management techniques and tools
• Strong knowledge of e.g. OSI Model, MITRE ATT&CK Framework, Firewalls, IDS/IPS, Web Proxies and DLP
• Strong knowledge of networking protocols and packet analysis
• Understanding of modern cyber threat actors, their motivation, scenarios, tools, tactics and procedures
• Capability to be persistent and creative in solving complex and challenging problems
• The ability to work quickly, willingness to work on ad hoc assignments, work independently as needed, strong written and verbal communication skills, and recognizing the importance of being a team player.
• Experience with threat detection, gap analysis, threat hunting methodologies, and understand the capability of hacking tools and how they are used to exploit vulnerabilities and features in enterprise networks.