Offensive Security and Red Team Senior Consultant

SRA’s mission is to level up every day to protect our clients and their customers. This begins with our team members and their experience. SRA prides itself on maintaining a culture where team members have a shared sense of support and belonging, consistent with our It’s Personal company value. At SRA, we prioritize transparent career pathing, varied DEI programming and community groups, competitive benefits including mental health support, and an emphasis on a sustainable, healthy, and engaging work culture. SRA has twice been named a Best Place to Work by the Philadelphia Business Journal.   

These Essential Functions, Requirements, and Skills are guidelines. If you are a candidate who does not meet this exact job description but can demonstrate excellent organization, attention to detail, professionalism, flexibility, and self-direction in your professional background, we hope you apply. 

Summary/Objective  

The Offensive Security Senior Consultant position will be part of our Advisory practice on the Technical Assessments team. Our style of consulting is dynamic, innovative, fast-paced, and highly rewarding for both our clients and our team. This is an outstanding opportunity to work with a wide variety of tool sets and across various well-known client organizations. 

Successful candidates have outstanding technical skills, impeccable soft skills, and are well-organized, self-directed individuals with familiarity working for a service-based information security consultancy.   

Essential Functions  

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.  

• Red Teams: adaptive, flag-based red team engagements designed to demonstrate the impact of a dedicated, persistent attacker.  

• Purple Teams: the “open-book” approach to penetration testing, working side-by-side with our internal and client blue teams to strengthen defense against real attackers.  

• Web and Mobile Assessments: dynamic web and mobile application security testing.  

• Penetration Testing: assess internal and external networks for common and custom security  
  flaws that can lead to widespread access to sensitive systems and data. 

• Tactical Assessments: social engineering, spear phishing, physical break-ins, product security assessments, industrial control systems, architecture reviews. 

• Documentation: document evidence of work in reports and status updates. 

• Research and Innovation: use knowledge gained to conduct research initiatives with the purpose of improving our services and giving back to the community. 

• Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel. 

Supervisory Responsibility  

Not applicable.  

Work Environment  

This job operates in a professional office environment or remotely as needed/required. This role routinely uses standard office equipment.  

Physical Demands  

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk and hear; use hands to finger, handle, or feel; and reach with hands and arms. The employee frequently is required to stand and walk. This is a largely sedentary role.  

Candidates with disabilities are encouraged to apply and email careers@sra.io with any questions. Reasonable accommodations may be made to enable disabled individuals to perform the essential functions of this role.  

Position Type/Expected Hours of Work  

This is a full-time position and hours of work and days are Monday through Friday 8:30am to 5pm. Occasional evening and weekend work may be required as job duties demand.  

Travel  

• Willingness to travel < 20 % depending on assignments and specializations.  

• Willingness to travel internationally and domestically on a more frequent basis.  

Requirements

Required Education and Experience  

• Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed. 

• Demonstrable aptitude for technical writing, including assessment reports, presentations, and operating procedures. 

• Experience communicating with clients and independently managing client projects. 

• Knowledge of Windows and *NIX-based operating systems. 

• Knowledge of networking fundamentals and common attacks/defenses. 

• Experience managing multiple projects at once. 

• Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy. 

• Strong written/verbal communication and interpersonal skills. 

• Excellent technical skills, impeccable soft skills, and organization skills.  

• Strong written and verbal communication skills to effectively communicate successes and obstacles with team members and leads, as well as client stakeholders. 

Preferred Qualifications and Experience  

• Knowledge of programming or scripting languages.  

Competencies  

• Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed.  

• Demonstrable aptitude for technical writing, including assessment reports, presentations, and operating procedures.  

• Experience communicating with clients and independently managing client projects.  

• Knowledge of Windows and *NIX-based operating systems.  

• Knowledge of networking fundamentals and common attacks/defenses.  

• Experience managing multiple projects at once.  

• Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.  

• Strong written/verbal communication and interpersonal skills.  

• Excellent technical skills, impeccable soft skills, and organization skills.   

• Strong written and verbal communication skills to effectively communicate successes and obstacles with team members and leads, as well as client stakeholders.   

Other Duties  

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.  

EEO Statement  

Security Risk Advisors is an Equal Opportunity Employer and prohibits discrimination or harassment of any kind. All employment decisions at SRA are based on business needs, job requirements, and individual qualifications, without regard to race, color, sex, sexual orientation, gender identity or expression, age, religion, national origin, disability, marital or family status, veteran status, medical condition, or any similar category protected under federal, state, or local laws.    

Benefits

Work with Experts: Robust internal training program, plus Company-paid external training. SRA recognizes the value of professional development for employees. Therefore, we encourage our employees to pursue continuing education and role-specific training. Every SRA employee is eligible to attend one training per year paid for by SRA.

Hack the Box: Access to the enterprise professional labs and academy are included for SRA team members. Additionally, internal team CTFs are conducted to help motivate and keep the team sharp.

Mental Health Services: SRA has partnered with BetterHelp to provide SRA employees with free mental health support. BetterHelp connects individuals with licensed therapists for chat, video, and phone sessions.

Medical / Dental / Other (regular full-time employees only)

• Generous medical, dental, and vision benefits at different price points.
• Company-paid disability and life insurance.
• Company 401(k) plan including annual 3% safe harbor contribution.
• Free patient advocacy service that helps find care providers and resolve insurance queries.
• Free on-site wellness programming covering both emotional and physical wellness.
• Generous parental leave, sick leave, and vacation policies.
• Option to work remotely or with a flexible schedule when needed.
• Company-paid cell phone with discounted accessories.
• 1-2-3 Give Program: 1. SRA will give $1,000 to a charity of your choice. 2. If you give an additional amount (up to $1,000), then 3. SRA will match that amount up to $1,000.

(Subject to change)