Adversarial Emulation Operator II (Red Team)

You could be the one who changes everything for our 28 million members by using technology to improve health outcomes around the world.  As a diversified, national organization, Centene's technology professionals have access to competitive benefits including a fresh perspective on workplace flexibility.
 

Position Purpose:

This Adversarial Emulation Operator II (Red Team) position is responsible for participating in, and providing inputs to, the planning and scoping of red team operations and purple team exercises; hands-on execution of engagements, contributing to reporting and debriefing, and conducting Proof of Concept exploits around vulnerabilities. You will play an integral part of Centene's Cyber Defense and Operations' (CDO) goal to work collaboratively as we ensure processes, procedures, and controls are tested, ensuring advanced corporate-wide security solutions are ready to protect our enterprise.

• Help plan, coordinate, and execute red team exercises to identify vulnerabilities, control gaps, and potential attack vectors in Centene information systems on prem and in cloud environments
• Work closely with the blue team to test detections, as needed, to validate operational concepts and findings
• Work with the blue team and threat intel to conduct ongoing purple team exercises, sharing insights and knowledge to improve overall security posture
• Help develop and refine supporting processes for all red team activities, including standard operating procedures and playbooks
• Stay up to date with the latest security threats, vulnerabilities, and attack techniques
• Research and experiment with new tools and methodologies to improve the Red Team's capabilities
• Recommend training based on operation and exercise findings
• Provide mentorship for Adversarial Emulation Operators I and II
• Ability to work cooperatively and professionally with co-workers, customers, and management on a daily basis, either remotely or in person
• Versed with security tools & C2 frameworks such as Cobalt Strike, Brute Ratel, Metasploit, Mythic, Sliver etc.
• Experience with threat detection, incident response, and implementing or developing mitigating controls in a medium to large enterprise environment
• Ability to conduct every phase of a red team exercise with limited guidance or supervision
• Solid understanding of exploitation of Microsoft platforms used in the enterprise environment such as Windows Server, Windows 10/11, Active Directory, Certificate Services, Azure, etc.
• Performs other duties as assigned
• Complies with all policies and standards

Education/Experience:

A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science).
Requires 2 – 4 years of related experience.

Or equivalent experience acquired through accomplishments of applicable knowledge, duties, scope and skill reflective of the level of this position.

Experience in investigating fraud and cybercrime preferred.

Technical Skills:

• 2+ years hands-on technical red team, pen test, or purple team
• Hands-on experience with using modifying and customizing penetration testing and red teaming software frameworks (Cobalt Strike, Brute Ratel, Mythic, etc.) to meet operational requirements
• Experience in professionally delivering technical and executive-level red team reports and briefings
• Ability to independently research new vulnerabilities in software products
• Familiar with fundamentals of software exploitation on modern operating systems and cloud environments

Soft Skills:

• Intermediate - Seeks to acquire knowledge in area of specialty
• Intermediate - Ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions
• Intermediate - Ability to work independently

License/Certification:

• Desired, not required based off previous training and hands-on experience:
• Global Information Assurance Certification (GIAC)
• Offensive Security Certified Professional (OSCP)
• Offensive Security Wireless Professional (OSWP)
• Offensive Security Web Expert (OSWE)
• ZeroPointSecurity (CRTO)

Centene offers a comprehensive benefits package including: competitive pay, health insurance, 401K and stock purchase plans, tuition reimbursement, paid time off plus holidays, and a flexible approach to work with remote, hybrid, field or office work schedules.  Actual pay will be adjusted based on an individual's skills, experience, education, and other job-related factors permitted by law.  Total compensation may also include additional forms of incentives.

Centene is an equal opportunity employer that is committed to diversity, and values the ways in which we are different. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other characteristic protected by applicable law.

Qualified applicants with arrest or conviction records will be considered in accordance with the LA County Ordinance and the California Fair Chance Act