This site uses cookies. To find out more, see our Cookies Policy

Red Team/Security Researcher in Annapolis Junction, MD at Booz Allen Hamilton Inc.

Date Posted: 1/11/2019

Job Snapshot

Job Description

Job Number: R0044264

Red Team/Security Researcher

Key Role:
Work in a fast-paced delivery and applied research environment that combine hands-on red team and penetration testing talent with consulting expertise to deliver high-value client security solutions. Lead enterprise and system focused network and application penetration test engagements for a wide variety of clients, including federal government and commercial clients across multiple market sectors. Work in the hybrid team of seasoned red team and threat hunter professionals and blend knowledge across offensive and defensive realms to ensure clients understand the threats, metadata, and analytics needed to detect advanced adversaries. Conduct hands on technical testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments, including Windows and *nix. Conduct scenario-based security testing or red teaming to identify gaps in detection and response capabilities of client networks and develop comprehensive and accurate reports and presentations for both technical and executive audiences. Communicate findings and strategy effectively to client stakeholders, including technical staff, executive leadership, and legal counsel. Act as the primary interface and lead for small penetration test teams ranging from 1-3 additional testers and manage the delivery of staff assignments, as needed, perform cutting-edge applied security research to understand the latest offensive tools and techniques from an offensive perspective, and work with threat hunters to develop detection techniques and analytics in client networks.

Basic Qualifications:
-Experience with using, administering, and troubleshooting at least two major flavors of Linux, including Ubuntu and RedHat
-Experience with Windows environments and Active Directory concepts
-Experience with scripting and editing existing code and programming using one or more of the following: Perl, Python, Ruby, bash, C/C++, .NET, or C#
-Experience with security assessment tools, including Cobalt Strike, PowerShell Empire, Nessus, Metasploit, or Burp Suite Pro
-Knowledge of network vulnerability assessments, Web application security testing, network penetration testing, red teaming, security operations, or hunt
-Knowledge of open security testing standards and projects, including OWASP and ATT&CK
-Ability to convey results clearly in formal technical reports
-BS degree

Additional Qualifications:
-Experience with working in a commercial consulting or professional services environment
-Experience with assembly languages, including x86 or reverse engineering
-Experience with wireless LAN security, including 802.11 standards
-Experience with phishing and other social engineering tactics
-Ability to show an enthusiasm for security and technology

-BS degree in Computer Engineering, CS, or a related field preferred

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

CMD, SIG2017

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.

Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.