Senior Operator - Red Team

Employer
Concentrix
Location
Dover, DE
Posted
Sep 25, 2022
Closes
Oct 03, 2022
Ref
670045890
Function
Accountant, IT
Hours
Full Time
Job Title: Senior Operator - Red Team Job Description Global Cybersecurity Senior Red Team Operator Concentrix Corporation is seeking a Senior Red Team Operator for our Red Team within the Global Security Team reporting to the Manager Red Team. Role Description: The Senior Operator will be responsible for executing penetration tests using a broad range of tools to discover and exploit possible vulnerabilities and weaknesses within the Concentrix network and recommend remediation solutions to safeguard our infrastructure and customer base most effectively. The Global Security Team is looking for someone who has experience conducting exploitation of live networks, conducting penetration tests, and preparing reports of findings. The successful candidate will enjoy working in a dynamic, responsive, and collaborative environment and be dedicated to the success of the organization. Detailed technical knowledge in cybersecurity engineering, system and network security, authentication and security protocols, and the desire to learn are essential. Must have the ability to communicate with and distill information from technical resources during formal and informal meetings. Must be able to work both independently and as a part of team testing efforts. Responsibilities: Contribute to the effective of use of penetration testing and vulnerability assessment tools. Performing reconnaissance, researching, and analyzing vulnerabilities, identifying relevant exploits, preparing corrective action recommendations, and summarizing and reporting results. Assist with identifying critical flaws in systems and networks that threat actors could exploit. Use manual testing techniques and methods to gain a better understanding of the environment and reduce false positives. Conduct network, workstation, and server penetration testing against corporate internet-facing and internal systems. Assist with documenting and presenting comprehensive reports on the various assessment types (ranging from scheduled penetration tests to unscheduled APT simulations) to diverse, global audiences of varying technical understanding. Research and assess new threats, security advisories, and recommend remedial action. Proposes and assists in implementing approaches for addressing vulnerabilities including deployment of specialized controls, infrastructure changes, and changes in the development lifecycle. Validate remediation efforts by reviewing infrastructure/technology updates to verify resolution. Perform special security projects on an ad-hoc basis. Interface with peers on the Global Security Team to share information and enhance the security posture of the enterprise. Required Skills: Hands-on experience performing network and application penetration tests, meaning hands on experience with running and reporting from network assessment tools like NMAP, Nessus, Kali Linux, Nexpose, Metasploit, BurpSuite, Wireshark, etc Ability to create, modify, move, and write files and documents from the command line only. Ability to create and write Bash scripts from the command line. Strong understanding of security fundamentals, frameworks and common vulnerabilities (eg MITRE Attack Framework). General knowledge of access controls, cryptography, security engineering, vulnerability analysis, replicating attack scenarios, risk management concepts, security architecture, etc Ability to effectively communicate within a global enterprise, working through language barriers. Organized, able to track penetration testing activity and create a coherent report when completed. Must be able to mentor junior penetration testers. Desired Skills: Hands-on experience performing network and application penetration tests, meaning hands on experience with running and reporting from network assessment tools like NMAP, Nessus, Kali Linux, Nexpose, Metasploit, BurpSuite, Wireshark, etc Ability to create, modify, move, and write files and documents from the command line only. Ability to create and write Bash scripts from the command line. Understanding security fundamentals, frameworks and common vulnerabilities (eg MITRE Attack Framework). General knowledge of access controls, cryptography, security engineering, vulnerability analysis, replicating attack scenarios, risk management concepts, security architecture, etc Ability to effectively communicate within a global enterprise, working through language barriers. Organized, able to track penetration testing activity and create a coherent report when completed. Desire to mentor junior penetration testers. Qualifications: BS (or equivalent experience/certifications) in Cybersecurity, Information Security, IT, Network Engineering, Computer Science, or related field. GPEN/OSCP/CEH/Pentest or equivalent certification. Minimum 10 years of experience in the following areas: Experience with penetration testing Red Team experience Strong understanding of IT and Cybersecurity technologies and threats to networks, systems, and applications. Blue Team/Cybersecurity defense experience In-depth understanding of security controls In-depth knowledge of CIS benchmarks Excellent verbal, written communication, and presentation skills Must be able to support and communicate issues and/or security gaps to team members Experience with CVSS, CWE, and CVE Demonstrable knowledge of security controls for on premise and cloud-based computing services including AWS or Azure. Knowledge of common information security frameworks, including CIS Top 20 Controls, ISO 27001, and NIST 800-53 Series. Location: USA, CO, Work-at-Home Language Requirements: English (Required) Time Type: Full time Benefits: For Regular and Temporary Employees: Annual bonus based on company performance; healthcare benefits, wellbeing program, dental benefits, vision benefits, flexible spending accounts, health savings accounts, Employee Assistance Program, 401(k), life insurance, accidental death and dismemberment, paid time off, disability insurance, several voluntary benefits; legal, home and auto, accident insurance and hospital indemnity, and holidays.

Similar jobs