Principal Offensive Security Consultant
Remote, United States; Austin, Texas, United States; Irving, Texas, United States; Colorado Springs, Colorado, United States; Las Vegas, Nevada, United States; San Diego, California, United States; Albany, New York, United States
Applications have closed
Presidio
Presidio is a global digital solutions and services provider delivering software-defined cloud, collaboration and security solutions to customers of all sizes.SEIZE THE OPPORTUNITY TO BE A PART OF SOMETHING GREAT!
Presidio is on the leading edge of a technology-driven movement to transform the way business is done, for our customers and our customers' customers. Joining Presidio means immersing yourself in a culture of self-starters, collaborators and innovators who make real, lasting change in the marketplace via cutting-edge technology and business solutions. At Presidio, we know that it’s our people that make the connections happen.
WHY YOU SHOULD JOIN US? You will set your career on track for outstanding achievement with a company that knows no limits. Presidio is a leading a global digital services and solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions.
THE ROLE: Principal Offensive Security Consultant
Job Summary:
As a Principal Offensive Security Consultant with Presidio, you will be directly involved in reviewing and assessing client’s internal and external security architectures, identifying risks, and making recommendations that are aligned to applicable regulatory requirements and consensus-based security best practices.
Travel Requirements:
This role is remote; however, you will be expected to travel up to 25% to client sites to deliver professional services.
Job Responsibilities:
- Conduct hands-on technical testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments, such as Active Directory, cloud, infrastructure, and other environments.
- Conduct scenario-based security testing or red teaming to identify gaps in detection and response capabilities.
- Participate in and lead Purple Team exercises.
- Perform cloud penetration tests on various cloud platforms such as AWS, Azure, and Google Cloud Platform.
- Develop tools, techniques, standards, and methodologies within our offensive cybersecurity consulting services.
- Develop in-depth reports that include factors such as inherent risk, mitigating controls, business impact, likelihood, and other key elements to determine security risk.
- Conduct offensive security research on emerging technologies and testing capabilities (e.g., testing GenAI and LLM). Develop methods that emulate known adversaries' tactics, techniques, and procedures.
- Provide professional deliverables to clients as well as lead technical and executive client presentations.
- Lead large security engagements in concert with other Presidio teams.
- Work with other cybersecurity consultants in a collaborative team setting to support and assist in the execution and delivery of cyber services such as documentation review and security consulting services.
- Assist leadership and other team members as needed.
Required Skills:
- Working knowledge of common operating systems and domain structures (Windows, Linux, Active Directory, etc.), servers, services, and associated vulnerabilities.
- Working knowledge of scripting languages (e.g., PowerShell, Python, JavaScript, etc.) and/or programming languages (e.g., C, Java, C#)
- Demonstrable experience with security tools such as Responder, Impacket, BloodHound, Sysinternals Suite, OS native (i.e., LOL binaries), and C2 frameworks.
- Knowledge of frameworks such as MITRE ATT&CK, MITRE D3FEND, OWASP, and NIST CSF.
- Deep knowledge of common vulnerabilities and exploits, adversarial methodologies, and tactics.
- Ability to understand and communicate technical recommendations around mitigation and detection of discovered risks.
- Strong verbal and written communication skills, organizational skills, and attention to detail.
- Strong presentation skills.
- Prior experience in a client-facing role as a consultant.
- Demonstrate ownership of projects and tasks and a sense of urgency in completing assigned activities.
- Ability to work collaboratively and professionally with co-workers, clients, and management.
- Ability to be flexible and embrace change.
- Ability to manage multiple tasks and responsibilities, work alone or in small teams, achieve established goals and objectives, and communicate progress in a timely and meaningful manner.
- Must possess one of the following certifications: OSCP, GPEN, GXPN, GCPN, CCSP, or CRTO.
Additional Desired Skills:
- Perform both authenticated and unauthenticated web application testing as well as API assessments (RESTful and SOAP).
- Familiarity with PlexTrac, Burp Suite, Postman, Swagger, Tailscale
- Mobile application penetration testing experience (iOS and Android).
- Physical penetration testing experience.
- Social Engineering experience (phishing campaigns, impersonation, vishing, smishing)
- Background in web application development and/or cloud computing is strongly preferred.
- Security training focused on penetration testing, web applications testing, cloud security, or red teaming.
- Industry certifications such as CASP+ CE, CCISO, CCNA Cyber Ops, CCNA, CCNP Security, CEH, CFR, CISA, CISM, CISSP, Cloud+, CySA+, GCED, GCIA, GCIH, GICSP, or GSLC.
- Strong cross-functional team participant and collaborative approach to problem-solving.
- Self-starter with the ability to manage their tasks in a larger project or program effort.
Education and Experience:
- Bachelor’s Degree or the equivalent work experience and/or military experience
- 5+ years’ experience conducting penetration tests, web application assessments, or other high-level technical testing.
*****
ABOUT PRESIDIO
Presidio is committed to Diversity, Equity, and Inclusion at the highest levels and has strengthened its drive to build and drive systemic DEI change process across all levels of the organization. Cultivating a culture of inclusion where the expression of all our differences are valued, celebrated, and add to our collective achievements.
Presidio is a global digital services and solutions provider accelerating business transformation through secured technology modernization. Highly skilled teams of engineers and solutions architects with deep expertise across cloud, security, networking and modern data center infrastructure help customers acquire, deploy and operate technology that delivers impactful business outcomes. Presidio is a trusted strategic advisor with a flexible full life cycle model of professional, managed, and support and staffing services to help execute, secure, operationalize and maintain technology solutions. We serve as an extension of our clients' IT teams, providing deep expertise and letting them focus on their core business. Presidio operates in 40+ US offices and offices in Ireland, London, Singapore, and India.
For more information visit: https://www/presidio.com
*****
Presidio is an Equal Opportunity / Affirmative Action Employer / VEVRAA Federal Contractor. All qualified candidates will receive consideration for this position regardless of race, color, creed, religion, national origin, age, sex, citizenship, ethnicity, veteran status, marital status, disability, sexual orientation, gender identification or any other characteristic protected by applicable federal, state and local statutes, regulations and ordinances.
To read more about discrimination protections under Federal Law, please visit: https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf
If you have any difficulty using our online system and need an accommodation in the job application process due to a disability, please send an email to recruitment@presidio.com for assistance.
Presidio is a VEVRAA Federal Contractor requesting priority referrals of protected veterans for its openings. State Employment Services, please provide priority referrals to recruitment@presidio.com.
RECRUITMENT AGENCIES PLEASE NOTE:
Agencies/3 Parties may not solicit to any employee of Presidio. Any candidate information received from any Agency/3 Party will be considered a gift and property of Presidio, unless the Agency/3 Party is an Authorized Vendor of Presidio with an up-to-date Presidio Contract in hand signed by Presidio Talent Acquisition. No payment will be made to any Agency/3 Party who is not an Authorized Vendor, nor has specific approval in writing from Presidio Talent Acquisition to engage in recruitment efforts for Presidio.
#LI-PH1
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory Analytics Android APIs AWS Azure Burp Suite C CASP+ CCNP CCSP CEH CISA CISM CISSP Cloud Compliance Exploits GCED GCIA GCIH GCP Generative AI GICSP GPEN GSLC GXPN iOS Java JavaScript Linux LLMs MITRE ATT&CK NIST Offensive security OSCP OWASP Pentesting PostMan PowerShell Python Red team Scripting Vulnerabilities Web application testing Windows
Perks/benefits: Career development Equity / stock options Flex hours
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.