Yodlee

Senior Engineer - IT Security


Pay: Competitive
Location: Trivandrum/Kerala
Employment type: Full-Time

This job is now closed

  • Job Description

      Req#: ohgZtfwJ?nl=1

      Responsibilities:
      • Plan and scope the internal Red Teaming Operations and appropriately involve and engage the project partners
      • Responsible for leading and executing red team projects, working to test defensive mechanisms
      • Create detailed engagement plans, continuous Adversary emulation and simulation
      • Perform simulated security testing against corporate web applications, networks, and infrastructure (Windows and Linux)
      • Internal critical infrastructure and Active Directory environment security assessment and red teaming.
      • Develop tools, scripts, and methods to improve Envestnet internal Red Team tradecraft
      • Create reports in an appropriate style and language for the different project partners
      • Work closely with the defense/SoC team (Blue Team) to discuss areas for improvement
      • Drive the remediation of the findings utilizing the given environment and processes
      • Conduct offensive security assessments in O365/Azure/AWS Cloud deployments using tools and manual techniques.
      • Experience in Exploitation and vulnerabilities associated with most common operating systems (Windows, Linux, etc.), protocols (HTTP, FTP, etc.), Applications (Web, Mobile, Cloud) and network security services (PKI, HTTPS, etc.)
      • Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff
      • Perform analysis of logs from various security controls to identify possible intrusion within the cloud.
      • Communicates technical issues within scope of assignment.
      • Conducts reviews and validation of specific security fixes as necessary.
      • Conduct pen tests on Cloud deployments, including exploit creation to demonstrate a proof of concept.
      • Assess the configuration of Firewall/Security Groups/NSG mechanisms, as well as the engineering adherence to security policies.
      • Ability to automate attacks using a scripting language (Python, Go, Ruby, PowerShell etc.)

      Qualifications (Knowledge, Skills, Abilities):
      • Bachelor's degree or equivalent in computer science. Equivalent experience may be substituted for formal education
      • Hands on experience in Red Teaming or Penetration Testing
      • Capable of writing exploits for identified vulnerabilities in the area of expertise
      • Strong knowledge of most common Cloud Security vulnerabilities and their best practices
      • Proficiency in a programming language(s) (e.g.: Python, Ruby, Perl, PowerShell)
      • Strong analytical and problem-solving skills and the ability to explain complex technical concepts in a clear and concise manner and to provide remediation recommendations.

      Requirements (Education, Certification, Training, Experience):
      • Relevant industry-recognized certifications (e.g.: CRTO, OSCP, CREST, GXPN, GPEN, Cloud Certifications and other well-acknowledged security certifications) preferred
      • Proficient in adversary-focused techniques, e.g., OSINT, Recon, phishing, defense evasion, and post exploitation
      • Expertise in at least 2 of the cloud platforms is mandatory - Azure, AWS or GCP
      • Proficient in security in all cloud contexts and comfortable operating in a regulated industry.
      • Knowledge of, or experience with, both enterprise and open-source offensive security tools for reconnaissance, scanning, exploitation, and post-exploitation (e.g.: Cobalt Strike, Metasploit, Burp Suite, Nmap, Empire, Common C2 platforms etc.).
      • Knowledge of Commercial and Open-source adversary emulation platforms
      • Experience with creating automated log correlations in Splunk, ELK, or a similar tool to identify anomalous and potentially malicious behavior.
      • Sound understanding of security frameworks (MITRE ATT&CK, OWASP Top 10, NIST)
      • Frequent participation in Cyber security community events through talks, CTFs and related engagements.

  • About the company

      Envestnet | Yodlee is a leading data aggregation and data analytics platform powering dynamic, cloud-based innovation for digital financial services.