We are currently seeking a motivated, career and customer oriented Red Team member/Penetration tester/Cybersecurity forensic intrusion analyst to join our Advanced Capabilities Team in the heart of Washington D.C. in order to provide world-class support to our customer and to begin an exciting and rewarding career with a small but growing cybersecurity services company. Must possess minimum of 5 years red team/penetration testing experience. This is an actual red team/penetration testing position and you will be doing "real world" assessments against a live, complex information infrastructure.
You will be performing real-world security assessments against enterprise information infrastructure. You must possess a strong graps on the fundamental cybersecurity skills and knowledge (i.e. networking fundamentals including all OSI layers, basic protocols such as TCP, UDP, HTTP, SMTP, SSL, etc, various security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP, Windows and *NIX operating systems to include boot process through understanding of the execution flow of boot time processes, software exploitation such as web, client-server, mobile, and wireless, on modern operating systems and familiarization with XSS, SSJS, filter bypassing, SQL Injection, as well as common reconnaissance, exploitation, and post exploitation frameworks).
- First and foremost, you will be conducting targeted penetration tests and exploitations without use of automated tools against "real world" targets.
- Research new tools, techniques, countermeasures and trends in network vulnerabilities, data hiding and general network security concepts.
- Assist in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions.
- Work in a diverse customer needs driven environment and be a "team player", willing to share best practices and always strive for improvement.
- Be highly skilled in both written and verbal communication. You will be briefing mid-level and occasionally senior level members of the client staff and will be writing comprehensive reports regarding computer forensic and intrusion / analytical findings.
- Assist in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions
- Be familiar with interpreting log output from networking devices, operating systems and infrastructure services.
- Be familiar with common reconnaissance, exploitation, and post exploitation frameworks.
- Have a highly inquisitive mindset.
- Possess and maintain an OSCP certification (other related certs will be considered, such as CEH).
- Maintain and develop knowledge of malware packing and obfuscation techniques.
- (preferred but not mandatory) Possess a Bachelor's Degree in Engineering, Business Management, or Technology related fields
- (preferred but not mandatory) Possess the ability to automate tasks using a scripting language (Python, Perl, Ruby, etc).