Senior Red Team Penetration Tester (Remote)
UT6: 4 Farm Springs 4 Farm Springs Road, Farmington, CT, 06032 USA
Full Time Senior-level / Expert USD 118K - 246K
RTX
At RTX, we're accelerating ideas to solve some of the world's biggest challenges by bringing together the brightest, most innovative minds across aviation, space and defense.Date Posted:
2024-10-31Country:
United States of AmericaLocation:
UT6: 4 Farm Springs 4 Farm Springs Road, Farmington, CT, 06032 USAPosition Role Type:
RemoteRTX Corporation is an Aerospace and Defense company that provides advanced systems and services for commercial, military and government customers worldwide. It comprises three industry-leading businesses – Collins Aerospace Systems, Pratt & Whitney, and Raytheon. Its 185,000 employees enable the company to operate at the edge of known science as they imagine and deliver solutions that push the boundaries in quantum physics, electric propulsion, directed energy, hypersonics, avionics and cybersecurity. The company, formed in 2020 through the combination of Raytheon Company and the United Technologies Corporation aerospace businesses, is headquartered in Arlington, VA.
To realize our full potential, RTX is committed to creating a company where all employees are respected, valued and supported in the pursuit of their goals. We know companies that embrace diversity in all its forms not only deliver stronger business results, but also become a force for good, fueling stronger business performance and greater opportunity for employees, partners, investors and communities to succeed.
The following position is to join our RTX Corporate, Enterprise Services, Research Center or BBN team:
Role Overview:
Enterprise Services (ES) Cybersecurity has an immediate opening for a qualified and motivated penetration tester to join RTX Cyber Defense, reporting to the Associate Director of Cyber Testing, Assessments, and Simulations. As the Sr. Red Team Penetration Tester you will be responsible to plan, communicate, coordinate, and conduct red team activities, penetration tests, and security assessments for cloud environments, applications, systems and enterprise networks while adhering to strict rules of engagement and ethical cyber behavior.
What You Will Do:
- Scope, plan and execute penetration testing of enterprise internal and external network assets to identify and demonstrate potential vulnerabilities
- Conduct hands-on technical testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments, such as Cloud, infrastructure, and Windows or *nix OS’s; conduct scenario-based security testing or red teaming to identify gaps in detection and response capabilities
- Create detailed engagement plans and thoroughly documenting findings, gaps, and remediation recommendations; ability to communicate identified risks to customers.
- Perform information technology security research to remain current on emerging technology risks and develop exploitive methods emulating the tactics, techniques and procedures of known adversaries.
- Contributes to development and implementation of tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying risk.
- Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure.
- Provide regular risk briefings to senior management on findings and develop remediation approaches and recommendations to improve cybersecurity posture
- Contribute and implement elements of functional strategies and operational goal to enhance and execute organizational services.
- Perform other duties as assigned and as required to continuously drive process excellence.
- Ability to travel 10-15% of time.
Qualifications You Must Have
- Requires a University Degree or equivalent experience and a minimum 10 years of experience, or an Advance Degree and a minimum 7 years experience of relevant work experience in an environment that supports integrated risk management.
- 7+ years of experience in security with practice in penetration testing large and complex enterprise networks and cloud environments and vulnerability assessments
- 5+ years with utilizing penetration testing framework such as MITRE ATT&CK & OWASP
- Must be authorized to work in the U.S. without sponsorship now or in the future. RTX will not offer sponsorship for this position.
Qualifications We Prefer
- Ability to execute advanced concepts such as application manipulation, exploit development, and stealthy offensive operations.
- Programming experience with focus on penetration testing or process automation
- Possess knowledge of both information security and computer science.
- Understanding of cloud, networking, applications, and operating system functionality
- Skilled in conducting non-attributable research using all available sources, including social network analysis
- Experience with web and mobile applications, databases, operating systems
- Hands-on OS configuration/administration experience
- Excellent communication and interpersonal skills
Preferred candidate will have high degree of experience with the following technologies:
- Cobalt Strike, Kali Linux
- PowerShell, C#, GhostPack, Bloodhound
- Nmap, Burp Suite
- One Offensive Security Certification (OSCP, OSEP, OSWP, OSWA, OSWE)
What We Offer: Whether you’re just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs. Some of the benefits we offer include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care.
Learn More & Apply Now!
Work Location: Remote
Please consider the following role type definition as you apply for this role:
Remote: This position is currently designated as remote. However, the successful candidate will be required to work from one of the 50 U.S. states (excluding U.S. Territories). Employees who are working in Remote roles will work primarily offsite (from home). An employee may be expected to travel to the site location as needed.
RTX is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Privacy Policy and Terms:
Click on this link to read the Policy and Terms
Tags: Automation Burp Suite C Cloud Cobalt Strike Computer Science Cyber defense Exploit Kali Linux MITRE ATT&CK NIST Nmap Offensive security OSCP OSWE OSWP OWASP Pentesting Physics PowerShell Privacy Red team Risk management Security assessment Travel Vulnerabilities Windows
Perks/benefits: 401(k) matching Career development Flex hours Flex vacation Health care Insurance Medical leave Parental leave Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.