Job Description

Who we are looking for

The Red Team Engineer will perform as a member of the Offensive Security team within the Global Cyber Security group and will serve as a technical resource for penetration testing as well as an advisor on technical matters involving the security of information systems. 

The Red Team Engineer will conduct comprehensive assessments of the operational and technical

security controls used by an enterprise applications and critical infrastructure. These assessments

help determine the overall effectiveness of the controls to ensure they are implemented adequately and correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system. The Red Team Engineer will interact directly with Application and Infrastructure SMEs, Program Management, Information Security Officers (ISOs), and System Owners. Application of technical expertise and a comprehensive understanding of the related IT controls are required, but not limited to the following areas: Access and Authentication, Data Security, Secure Software Management, Infrastructure Operations, Network Edge Protection, and Vulnerability Management.

What you will be responsible for

Test enterprise defenses; attacking, detection avoidance and preventing circumvention to determine level of risk and exposure.Perform full, detailed security risk assessments and penetration tests on a wide variety of high or critical business solutions that include but are not limited to software, hardware, networks, and mobile devices as well as complex solutions that may include any number of the above configurationsEnsure compliance of system and application security in accordance with corporate security practices/guidelines and relevant technology standards.Prepare final security assessment reports containing the results and findings from the assessment.Conduct follow up and assist with resolution of all findings, as needed.

What we value

Perform Infrastructure and Application Penetration TestingDeep knowledge of attack frameworks, such as MITRE ATT&CKExecute Vulnerability ScanningCloud Security ConceptsIT and Network infrastructure technologies Familiarity various penetration test utilities and tool suitesAbility to perform light programming tasks using common languages such a python and bash Demonstrated ability to identify core issues and work with leaders and team members to resolutionStrong organizational, task switching, and prioritizing skillsAbility to work independently and solve challenging problems while collaboration with stakeholdersKnowledge and interest in current vulnerability related trendsAttention to detailDriving to resultsCollaboration and influencingWorking professionally with confidential informationPresentation skills, both orally and writtenAbility to work well with others and under pressureDemonstrated professionalism in approach to communicating ideas and solutions in simple language

Experience Desired

Education: Bachelor's

3+ years of network and/or application penetration testing5+ years of experience in security/systems/network engineering and/or developmentCEH, OSCP, CISSP, or equivalent preferred.

State Street's Speak Up Line