Engineer, Offensive Cybersecurity

Job Summary:

As an Offensive Cybersecurity Engineer, you'll perform penetration testing on web applications, APIs, and mobile applications, create detailed cybersecurity reports, and stay updated with the latest testing techniques and tools. You'll also present findings to customers, train team members, and develop scripts to automate testing processes. We are looking for a passionate Cybersecurity professional to join our best in class global team.

Responsibilities (including but not limited to):

•   Perform cybersecurity risk assessments on complex, enterprise organizations. Systems and services include, but are not limited to: Microsoft 365, Amazon Web Services, Google Cloud Platform, Traditional Active Directory, Endpoint Detection and Response systems, Email Security Systems, and Networking Equipment.
•    Identify and evaluate security misconfigurations and vulnerabilities while considering compensating controls and operational needs across the aforementioned systems and services.
•    Analyze the potential impact and likelihood of identified risks across different environments (on-prem, cloud, hybrid).
•    Write highly detailed technical reports on the findings, mitigation strategies, compensating controls, and methodology that can then be digested by both an executive and technical audience. 
•    Create and conduct technical reviews of various highly detailed cybersecurity testing reports.
•    Research and stay up to date with the latest testing techniques, tools, and methodologies.
•    Present reports to customers and discuss nuanced technical recommendations, with the expectation of leading customer presentations within 3 months.
•    Discuss with, collaborate with, and train teammates from the Cybersecurity Red Team around various tools and techniques associated with cybersecurity risk assessment.
•    Assist team members on other projects and engagements, such as Social Engineering, Network Penetration Testing, and Vulnerability Review. 
Skills: 
•    Critical and creative thinking to strategize how to add value to customer engagements.
•    Ability to self-manage time and commitments.
•    Strong attention to detail and well-organized.
•    Highly motivated to continuously learn and innovate.
•    Excellent verbal and written communication skills, especially when communicating complex concepts to non-technical audiences.
•    Exceptional spelling and grammar skills for writing and proofreading documents.
•    Familiarity and comfortability operating with ScoutSuite and other cloud-based tools.

You'll love this job if you:
•    Value, integrity, and honesty above all else in a non-negotiable way.
•    Have a passion for the information security industry and helping people.
•    Are capable of managing time efficiently and meeting deadlines with multiple concurrent projects.
•    Are able to work within constraints and to challenge the status quo.
•    Are able to self-direct work, orient to action, and truly own the position.
•    Have a collaborative attitude and mindset with colleagues and team members

Qualifications:
•    3+ Years of professional technology experience (I.e., Sysadmin, Networking, Cloud infrastructure, Software Development, etc.) (Required)
•    2+ Years experience auditing major cloud platforms, like Azure, AWS, and GCP (required) 
•    2+ Years of Penetration Testing Experience (nice to have)
•    Bachelor’s Degree in one of the following areas of concentration: Computer Science, Software Development, Information Technology, Cybersecurity (nice to have)
•    One or more of the following certifications (nice to have)
o    Certified Information Systems Security Professional (CISSP)
o    Certified Information Security Manager (CISM)
o    Certified Ethical Hacker (CEH)
o    AZ-500: Microsoft Certified – Azure Security Engineer
o    AWS Certified Security – Specialty
   Google Professional Cloud Security Engineer

   CPSA (Practitioner Security Analyst)
   CRT (Registered Penetration Tester)