Red Team Lead in New York, NY at Booz Allen Hamilton Inc.

Date Posted: 9/2/2018

Job Snapshot

Job Description

Job Number: R0003208

Red Team Lead

Key Role:
Work in a challenging environment that combines technical security operations talent with business consulting expertise to deliver industry-leading IT security testing services. Join a team of security enthusiasts that perform cutting-edge research and promote an environment of innovation and knowledge-sharing. Lead enterprise red team engagements for a wide variety of clients, including federal government and commercial clients across multiple market sectors, working with a team of 10+ seasoned security testing professionals to enhance existing services offerings and security testing capabilities. Conduct hands-on technical incident response assessment testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments, such as Windows or *nix, conduct scenario-based security testing or red teaming to identify gaps in detection and response capabilities of client networks, and develop comprehensive and accurate reports and presentations for both technical and executive audiences. Communicate findings and strategy to client stakeholders, including technical staff, executive leadership, and legal counsel. Act as the primary interface and lead for small red teams ranging from one to three additional testers and manage the delivery of staff assignments, as needed. This position will require occasional travel to other locations throughout the US and is located in McLean, VA.

Basic Qualifications:
-5+ years of experience in two or more of the following: network vulnerability assessments, Web application security testing, network penetration testing, red teaming, or security operations or hunt
-Experience with using, administering, and troubleshooting two or more major Linux platforms, including Ubuntu and Red Hat
-Experience with phishing and other social engineering tactics
-Experience with using multiple command and control channels, including DNS and HTTPS
-Experience with obfuscation and multiple methods of payload delivery, including Office document scripting and scripting files
-Experience with Windows environments and Active Directory concepts
-Experience with programming using one or more of the following: Perl, Python, ruby, bash, C or C++, C#, or Java, including scripting and editing existing code
-Knowledge of open security testing standards and projects, including OWASP
-Ability to clearly convey results in formal technical reports and deliver briefings to senior client staff

Additional Qualifications:
-Experience with assembly languages, including x86 or reverse engineering
-Experience with physical security assessments, including the use of proxmark3 or similar proximity card spoofing or copying device
-Ability to show enthusiasm for security and technology
-BS degree in Computer Engineering, CS, or a technical field preferred
-DoD 8570 Certification
-OSCP, OSCE, or OSWE or SANS Certification

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

#LI-AH1, CB15, CMCL, DH1, GD15, MPPC

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.

Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.