Red Team Security Operator
United States
Full Time Senior-level / Expert USD 135K - 170K
Fidelity National Financial
Overview
POSITION OVERVIEW
Fidelity National Financial (FNF) is seeking a Red Team Security Operator to join our Information Security Office (ISO). This position will report to the Manager of Adversary Simulation. The ideal candidate will have a strong background in offensive security and bring their results-driven experience to improve the state of security at FNF and its family of companies. We are seeking a highly skilled and experienced Red Team Security Operator to join our Offensive Security team, responsible for conducting advanced adversarial simulations and Red Team exercises to assess the security posture of our environment. You will collaborate closely with our internal teams to identify and exploit vulnerabilities, assess security controls, and provide actionable recommendations to enhance our security defenses.
LOCATION
- This position is 100% remote.
- Ability to travel up to 5%, as needed.
DUTIES & RESPONSIBILITIES
- Conduct thorough assessments of our network, systems, and applications to identify weaknesses and potential attack vectors.
- Design and execute complex red team engagements, including reconnaissance, social engineering, penetration testing, and post-exploitation activities.
- Develop and execute custom attack scenarios to emulate real-world cyber threats and assess the effectiveness of existing security controls.
- Collaborate with cross-functional teams to develop comprehensive remediation strategies and recommendations based on red team findings.
- Provide technical guidance and mentorship to junior team members, fostering their professional growth and development.
- Stay abreast of the latest cybersecurity threats, vulnerabilities, and techniques, and incorporate this knowledge into red team operations.
- Communicate effectively with clients to convey technical findings, recommendations, and risk implications clearly and concisely.
- Ensure all tools and systems the department uses are working and escalate issues to senior management or authorized vendors as needed.
- Maintain strict confidentiality regarding Red Team operations, findings, and engagements.
- Work with the manager of offensive security to develop the red team program further.
MINIMUM REQUIREMENTS
- Bachelor's or master’s in computer science, Information Security, or a related field.
- Requires 5+ years of cybersecurity experience, focusing on offensive security, penetration testing, or red teaming.
- Requires 1+ years of experience with BloodHound or a similar tool.
- Proven experience leading and executing red team engagements in complex environments.
- Proficiency in common penetration testing tools and frameworks (e.g., Metasploit, Cobalt Strike, Burp Suite, etc.).
- Advanced understanding of network protocols, operating systems, and cloud environments.
- Excellent problem-solving skills and the ability to think creatively to circumvent security controls.
- Effective communication and interpersonal skills, with the ability to interact confidently with technical and non-technical stakeholders.
- Required OSCP, GXPN, or equivalent.
- Experience with scripting or programming languages (e.g., Python, PowerShell, etc.)
- Active Directory and Azure Active Directory.
- Must be seasoned with attacking and exploiting cloud-based solutions, particularly Azure and AWS. Must be able to understand RBAC and the inner workings of cloud resources.
- Knowledge of and ability to research TTPs for known APTs.
- Knowledge of payload development and EDR bypassing.
PREFERRED EXPERIENCE
- Proficiency with Azure and cloud technologies.
- Proficiency in EDR bypassing.
- Relevant industry certifications such as SANS 565, OSCE, GPEN, or similar certifications.
This position has the potential to earn compensation in the range of $135,000 - $170,000 annually based on location and job-related factors such as skillset and experience. Actual rate may vary within the range provided, depending on a number of factors, including skillset, experience and location. The base compensation is one component of the total rewards package offered to our employees, including optional health and welfare insurance (medical/dental/vision/life/disability); paid holidays, vacation, and sick time off; and matching 401(k) plan and matching employee stock purchase plan.
Tags: Active Directory AWS Azure Burp Suite Cloud Cobalt Strike Computer Science EDR Exploit GPEN GXPN Metasploit Offensive security OSCE OSCP Pentesting PowerShell Python Red team SANS Scripting Travel TTPs Vulnerabilities
Perks/benefits: Equity / stock options Health care Insurance
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.