Skip to main content

This job has expired

Penetration Tester - Red Team (Remote Central US)

Employer
Mandiant
Location
Washington, DC
Closing date
Oct 19, 2021

View more

Company DescriptionSince 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant's approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.Job DescriptionA successful Red Team consultant at Mandiant should possess a deep understanding of both information security and computer science. They should understand basic concepts such as networking, applications, and operating system functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. This is not a "press the 'pwn' button" type of job; this career is technical and challenging with opportunities to work in some of the most exciting areas of security consulting on extremely technical and challenging work. A typical job could be breaking into a segmented secure zone at a Fortune 500 bank, reverse engineering an application and encryption method in order to gain access to sensitive data, all without being detected. If you can exploit at scale while remaining stealthy, identify and exploit misconfigurations in network infrastructure, parse various types of output data, present relevant data in a digestible manner, think well outside the box, or are astute enough to quickly learn these skills, then you're the type of consultant we're looking for.At Mandiant, you'll be faced with complex problem solving opportunities and hands-on testing opportunities on a daily basis. We help our clients protect their most sensitive and valuable data through comprehensive and real world scenario testing. The objective doesn't end at gaining "domain admin" or "root"; this is expected and is only a starting point.You are expected to quickly assimilate new information as you will face new client environments on a weekly or monthly basis. You will be expected to understand all the threat vectors to each environment and properly assess them. You will get to work with some of the best red teamers in the industry, causing you to develop new skills as you progress through your career. Are you up to the challenge?Responsibilities:Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessmentsDevelop comprehensive and accurate reports and presentations for both technical and executive audiencesEffectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counselRecognize and safely utilize attacker tools, tactics, and proceduresDevelop scripts, tools, or methodologies to enhance Mandiant's red teaming processesAssist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staffQualificationsRequirements:3-7 years' experience in at least three of the following:Network penetration testing and manipulation of network infrastructureMobile and/or web application assessmentsEmail, phone, or physical social-engineering assessmentsShell scripting or automation of simple tasks using Perl, Python, or RubyDeveloping, extending, or modifying exploits, shellcode or exploit toolsDeveloping applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE)Reverse engineering malware, data obfuscators, or ciphersSource code review for control flow and security flawsStrong knowledge of tools used for wireless, web application, and network security testingThorough understanding of network protocols, data on the wire, and covert channelsMastery of Unix/Linux/Mac/Windows operating systems, including bash and PowershellMust be eligible to work in the US without sponsorshipAdditional Qualifications:Ability to travel up to 20%Ability to successfully interface with clients (internal and external)Ability to document and explain technical details in a concise, understandable mannerAbility to manage and balance own time among multiple tasks, and lead junior staff when requiredAdditional InformationAt Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.This is a regionally-based role that must be located in Illinois, Indiana, Iowa, Kansas, Louisiana, Michigan, Minnesota, Missouri, Nebraska, Ohio, Texas, or Wisconsin

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert