Senior Red Team Engineer

The Senior Red Team Engineer position within the Red Team, and Offensive Security Organization is responsible for identifying new and imminent threats, measuring potential impacts to the organization, and creating proof of concept prototypes. This position reports to the Director of Offensive Security.

Essential functions include:

• Red Team campaigns and adversary emulation exercises.
• Purple-Team exercises and efficacy tests.
• Impact and Blast-Radius analysis of vulnerabilities and attacks.
• Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements.
• Report generation that clearly communicates campaign and exercise details, results, and remediation recommendations to internal teams.
• Work with internal Security partners to scope engagements and their objectives, as well as to identify complex vulnerabilities and prove real-world impact.
• Identify trends across Security Assessment findings, bug bounty reports, and enterprise vulnerabilities, and work to determine root cause and real-world impact.
• Occasionally support our internal Cyber Security Incident Response and Cyber Threat Intelligence Teams analyzing and replicating Emerging and Active Threats.
• Support the company's commitment to risk management and protecting the integrity and confidentiality of systems and data.
• The above job description is not intended to be an all-inclusive list of duties and standards of the position. Qualified candidates will follow instructions and perform other related duties as assigned by their supervisor.

Minimum qualifications include:

• 6 years of information security experience including at least 2 years in offensive security positions.
• Effective knowledge and experience with tools and techniques used to conduct network, cloud, and web campaigns & exercises, as well as developing new exploits and executing them at scale.
• Effective knowledge of: Threat Modeling, Cloud Security, Cryptography, Authentication & Authorization, and Defensive security & detection techniques (including offensive evasion).
• Effective ability to write and maintain scripts and programs written in PowerShell, Go, and Python.
• Strong, professional communication skills (written and verbal).
• Ability to present findings and recommendations to technical and non-technical audiences of all levels.
• Bachelor's degree with a relevant focus or equivalent experience.
• Background Check & Drug Screen.

Preferred qualifications include:

• Experience with adversary emulation toolsets.
• Effective ability to move from a single vulnerability to searching organization-wide for impact.
• In-depth understanding of the following: MITRE ATT&CK, MITRE CAPEC, and the Cyber Kill Chain.
• Experience with Mobile application testing and vulnerabilities.
• Hands-on practical Offensive Cybersecurity certifications (OSCP, ePTX, GPEN, HTB CPTS, or equivalent).
• Cloud certifications (SAA/SAP, AWS Security Specialty, or equivalent).

Physical requirements consist of a normal office environment. Work is primarily sedentary and requires extensive use of a computer and involves sitting for periods of approximately four hours. Work may require occasional standing, walking, kneeling, and reaching. Must be able to lift 10 pounds occasionally and/or negligible amount of force frequently. Requires visual acuity and dexterity to view, prepare, and manipulate documents and office equipment including personal computers. Requires the ability to communicate with internal and/or external customers.

Employee must be able to perform essential functions and physical requirements of position with or without reasonable accommodation.

Candidates responding to this posting must independently possess the eligibility to work in the United States at the date of hire.

The base pay scale for this position in Phoenix, AZ/Chicago, IL in USD per year is: $140,000 - $160,000. New York, NY/San Francisco, CA in USD per year is: $155,000 - $175,000. Additionally, candidates are eligible for a discretionary incentive plan and benefits.

This pay scale is subject to change and is not necessarily reflective of actual compensation that may be earned, nor a promise of any specific pay for any specific candidate, which is always dependent on legitimate factors considered at the time of job offer. Early Warning Services takes into consideration a variety of factors when determining a competitive salary offer, including, but not limited to, the job scope, market rates and geographic location of a position, candidate's education, experience, training, and specialized skills or certification(s) in relation to the job requirements and compared with internal equity (peers). The business actively supports and reviews wage equity to ensure that pay decisions are not based on gender, race, national origin, or any other protected classes.

The company also offers:

• Healthcare Coverage Competitive medical (PPO/HDHP), dental, and vision plans as well as company contributions to your Health Savings Account (HSA) or pre-tax savings through flexible spending accounts (FSA) for commuting, health & dependent care expenses.
• 401(k) Retirement Plan Featuring a 100% Company Safe Harbor Match on your first 6% deferral immediately upon eligibility.
• Paid Time Off Unlimited Time Off for Exempt (salaried) employees, as well as generous PTO for Non-Exempt (hourly) employees, plus 11 paid company holidays and a paid volunteer day.
• 12 weeks of Paid Parental Leave
• Maven Family Planning provides support through your Parenting journey including egg freezing, fertility, adoption, surrogacy, pregnancy, postpartum, early pediatrics, and returning to work.

Early Warning Services, LLC considers for employment, hires, retains and promotes qualified candidates on the basis of ability, potential, and valid qualifications without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote equal employment opportunity and affirmative action, in accordance with all applicable federal, state, and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our employees.