Offensive Security Analyst II

Job Description: - Perform penetration testing of company owned application, networks, and systems

- Perform web application and cloud discovery, enumeration, and exploitation

- Assist in red team operations and adversary emulation exercises

- Assess and communicate the operational risks of exploitation

- Create testing plans and methods to find and confirm vulnerabilities

- Scope and assess the time needed to complete operational testing tasks

- Modify and adapt public exploit code and tools to meet operational requirements

- Utilize and develop automation where possible to save time and gain efficiency

- Serve as a subject matter expert to the organization for offensive security topics

- Provide expertise to security operations, threat intelligence, and forensics, as needed

- Work independently and troubleshoot technical and business process-related issues

- Experience supporting a variety of different offensive engagements for a large enterprise

- Ability to present complex topics, simply, to varying levels of the organization.

Requirements: - Bachelor's degree in Computer Science, Information Security or other related field preferred or 3+ years’ required experience in related field

- 3+ years of combined IT and security work experience with exposure to systems analysis, application development, database design and computer/network administration

- Minimum 2+ years experience in Information Security required

- OSCP, CRTO, GPEN or other penetration testing or red team certification(s) preferred

- Basic experience using penetration testing security tooling, such as Kali Linux

- Basic experience using Burp suite or similar web application hacking tools

- Basic experience using command and control frameworks such as Cobalt Strike

- Basic experience with programming/scripting languages: e.g. Python, PowerShell

- Basic experience bypassing controls such as antivirus or web application firewalls

- Basic knowledge of networking concepts protocols and encryption

- Basic knowledge of Active Directory discovery, enumeration, and exploit methods

- Basic knowledge of application security best practices and tools

- Basic knowledge of operating system best practices and tools

- Excellent time management and ability to track and deliver on commitments

- Excellent adaptability and ability to learn complex technical skills quickly

- Excellent written and verbal skills.

Benefits: - group health insurance benefits (medical, vision, dental)

- FSA and HSA healthcare accounts

- life and accident insurance

- adoption and fertility assistance

- paid parental leave of up to 6 weeks

- short/long term disability

- paid time off for vacation, personal needs, and sick time

- up to 11 paid holidays per calendar year

- opportunity to contribute to 401(k) savings and investment plan or deferred compensation plan (if eligible) with an employer match of 100% on the first 3% of contributions for eligible employees