Senior Adaptive Threat Replication Engineer

Senior Adaptive Threat Replication Engineer

Requirements

• 5+ years of professional offensive security experience
• Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms to technical and non-technical audience.
• Must be very proficient with the common tools associated with red teaming, penetration testing, and vulnerability assessments (Metasploit, Burp Suite, Cobalt Strike, Kali, etc.).
• Must have a solid understanding of voice and data networks, major operating systems, active directory, their associated peripherals, and strong desire to learn new technologies and skill sets.
• Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups, and both state and non-state sponsored threat actors. Knowledge of MITRE ATT@CK framework.
• Ability to effectively code in a scripting language (Python, Perl, etc.)
• Advisory
• Innovative Thinking
• Technical Documentation
• Technology System Assessment
• Threat Analysis

Responsibilities

• Leading and performing assessments of the bank’s technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats.
• Leading and performing research.
• Understanding the bank’s security policy.
• Working with appropriate partners to complete assessments and simulations.
• Identifying misconfigurations and vulnerabilities and reporting on associated risk.
• Partnering closely with security partners, CIO clients and multiple lines of business.

Preferred Qualifications

• Certifications: OSCP, GPEN, GXPN, OSCE, GWAPT
• Ability to work remotely if/when necessary
• Previous experience working in the financial industry
• Typically has 5-10 years of experience in technology and offensive security assessments