Senior Red Team Operator

Maryland, United States

T. Rowe Price

T. Rowe Price is a global investment management firm dedicated to helping clients achieve long-term success.


Overview 

As a member of our Red Team, you will be challenged to test assumptions and make the unknown known. Working closely with our Incident Response and Cyber Threat Intel teams, you will use adversarial techniques to test the resilience of our people, processes, and technologies against cyber-attacks. When issues are found, you will partner with peers and leadership in our technology organization to effectively communicate the gaps and to provide guidance on effective remediation. This includes performing penetration testing of various technologies at the firm along with designing and participating in Red Team/Purple Team exercises to strengthen our detection and response capabilities.

 

Role summary and job responsibilities 

  • Perform penetration testing on enterprise networks, systems, and technology stacks. 

  • Develop and coordinate Red/Purple Team exercises. 

  • Contribute to continuous attack/validation program. 

  • Identify, recommend, and build controls & signatures in response to new or observed cyber threats in support of internal Incident Response/Cyber Threat Intel teams. 

  • Contribute to the development and improvement of cyber security standard methodologies within your group.

  • Collaborate with peers to provide input and continuously improve practices. 

 

Business knowledge 

  • Can articulate and translate cyber security risks and vulnerabilities into practical solutions for technology teams to facilitate remediation. 

  • Detailed knowledge of the cyber program's associated objectives.

  • Understanding of common threats to, and historical attacks against, the Financial Services industry. 

 

Requirements 

  • Typically, 5+ years of experience in a 24x7 global enterprise, preferably in the Financial Industry.

  • Familiarity with modern Threat Actor Tactics, Techniques and Procedures and countermeasures.

  • Understanding of Windows domain concepts for hybrid cloud environments. 

  • Experience with Active Directory concepts and vulnerabilities. 

  • Ability to identify vulnerabilities in networks, systems, and applications using common penetration testing frameworks, tools, and techniques or manual processes.

  • General understanding of web technologies/frameworks (HTML, JavaScript, etc.) and their associated vulnerabilities (OWASP Top 10, XSS, filter bypassing, SQL Injection).

  • In-depth understanding of Windows operating systems and knowledge of Unix, Linux, and macOS operating systems. 

  • Ability to utilize the MITRE ATT&CK framework, Cyber Threat Intelligence, and Cyber Security Awareness concepts to influence work.

  • Knowledgeable about the functions of various security infrastructure, including firewalls, Intrusion Prevention Systems, Proxy Servers, Security Event Managers, VPNs, etc. 

  • Basic coding/scripting knowledge, Python or PowerShell preferred.

  • Offensive Security (OSCP/OSCE), SANS GIAC (GPEN, GWAPT, GXPN, etc.), or similar information security certifications preferred.

  • Dedication to quality and attention to detail.

  • Spearheads work reviews and actively participates in providing feedback on others’ work.

  • Performs as a specialist in one or more cyber security programs.

  • Strong written and verbal communication skills. 

FINRA Requirements

FINRA licenses are not required and will not be supported for this role.

Work Flexibility

This role is eligible for remote work up to three days a week.

Category: PenTesting Jobs

Tags: Active Directory Cloud Firewalls GIAC GPEN GWAPT GXPN Incident response Intrusion prevention JavaScript Linux MacOS MITRE ATT&CK Offensive security OSCE OSCP OWASP Pentesting PowerShell Python Red team SANS Scripting SQL SQL injection Threat intelligence UNIX VPN Vulnerabilities Windows XSS

Region: North America
Country: United States
