Red Team Lead

Key Role:

Maintain responsibility for executing tests, reporting findings, creating and configuring tools, and maintaining testing platforms. Conduct testing for more advanced or privileged scenarios, fulfill the duties and responsibilities of the Red Team (RT) lead, and brief senior stakeholders or leadership, as needed. Supervise the RT junior tester and provide training and guidance, as necessary. Perform automated and manual hands-on Cyber penetration security testing, including identifying security risks within applications, security controls, and network infrastructure. Plan, execute, and report on all testing activities and outcomes and demonstrate their impact through the compromise of Web applications and systems. Conduct network, Web, wi-fi, and other penetration testing activities and execute covert RT Cyber operations to mimic adversary tactics. Promote computer security awareness through hacker demonstrations, working with Cyber-defenders, and presenting detailed security testing project debriefs.

Basic Qualifications:

-5+ years of experience with Cybersecurity

-4+ years of experience with executing Web application, network, and system penetration tests for clients

-Experience with leveraging Open Source penetration testing tools, including Metasploit and the Kali Linux tool set

-Experience with programming using one or more of the following: Perl, Python, ruby, bash, C or C++, C#, or Java, including scripting and editing existing code

-Knowledge of open security testing standards and projects, including OWASP

-Ability to assist remediation efforts for discovered vulnerabilities

-BA or BS degree

Additional Qualifications:

-Experience with Web application development, system administration, and the software and system development life cycle

-Experience with red-teaming and covert computer network exploitation

-Experience with programming

-Knowledge of secure coding best practices

-Ability to mentor junior and mid-level staff by teaching the latest penetration testing techniques and to operate and lead organized security testing engagements with little assistance while demonstrating teamwork

-Ability to clearly convey results in formal technical reports and deliver briefings to senior client staff

-Ability to craft custom exploits for proof-of-concept code

-Possession of excellent oral and written communication skills to communicate effectively and professionally with clients, teammates, and senior leadership

-Offensive Security Certified Professional (OSCP), or SANS GIAC Penetration Tester, including GPEN and GXPN Certification

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.