GLO Comms
Senior Security Engineer (Red Team)
GLO Comms, Washington, District of Columbia, us, 20022
We are are partnered with a leading real estate data analytics company to bring on a Senior Security Engineer to join their offensive security team. This role requires a technical leader who can drive advanced red team engagements and coordinate purple team activities to enhance their security posture. This engineer will conduct thorough adversary emulation and penetration testing, providing strategic insights to fortify our organization's defenses.Responsibilities
Plan, execute, and lead advanced red team engagements, including vulnerability assessments, penetration testing, and exploitation to identify and mitigate security risks.Simulate sophisticated adversary techniques to test and improve defensive controls, employing tools and methodologies that accurately emulate real-world cyber threats.Engage in purple team activities, working closely with the defensive security team to strengthen detection capabilities and response processes.Create custom payloads and exploits (using languages such as C, C++, and C#) to test the resilience of systems and applications, with a focus on evading EDR systems.Work closely with threat intelligence, vulnerability management, and SOC teams to improve the organization's security posture through robust security assessments.Deliver detailed reports on findings, risk implications, and recommendations, providing clear, actionable intelligence to enhance defensive strategies.Requirements
Bachelor's degree in Computer Science, Cybersecurity, or a related field preferred.Minimum of 3 years in offensive security roles, including red teaming, penetration testing, and vulnerability research.6+ years in technical roles in security, networking, systems, or software development.Relevant certifications such as OSEP, OSCP, CRTO, or GXPN.Proficient in scripting languages including Bash, Python, and PowerShell.Hands-on experience with key tools: NMAP, Burp Suite, Kali Linux, Bloodhound, Cobalt Strike, Sliver, Mythic.Deep knowledge of Windows Active Directory exploitation techniques and C2 frameworks.Skilled in evading EDR systems and understanding of defensive control evasion.Benefits
Comprehensive healthcare coverage401(K) plan with company matchingTuition reimbursement for career developmentOn-site fitness facilitiesAccess to Diversity, Equity, & Inclusion (DE&I) programsThis role is hybrid out of Washington, DC. If you or someone you know is interested, please apply in directly!
#J-18808-Ljbffr
Plan, execute, and lead advanced red team engagements, including vulnerability assessments, penetration testing, and exploitation to identify and mitigate security risks.Simulate sophisticated adversary techniques to test and improve defensive controls, employing tools and methodologies that accurately emulate real-world cyber threats.Engage in purple team activities, working closely with the defensive security team to strengthen detection capabilities and response processes.Create custom payloads and exploits (using languages such as C, C++, and C#) to test the resilience of systems and applications, with a focus on evading EDR systems.Work closely with threat intelligence, vulnerability management, and SOC teams to improve the organization's security posture through robust security assessments.Deliver detailed reports on findings, risk implications, and recommendations, providing clear, actionable intelligence to enhance defensive strategies.Requirements
Bachelor's degree in Computer Science, Cybersecurity, or a related field preferred.Minimum of 3 years in offensive security roles, including red teaming, penetration testing, and vulnerability research.6+ years in technical roles in security, networking, systems, or software development.Relevant certifications such as OSEP, OSCP, CRTO, or GXPN.Proficient in scripting languages including Bash, Python, and PowerShell.Hands-on experience with key tools: NMAP, Burp Suite, Kali Linux, Bloodhound, Cobalt Strike, Sliver, Mythic.Deep knowledge of Windows Active Directory exploitation techniques and C2 frameworks.Skilled in evading EDR systems and understanding of defensive control evasion.Benefits
Comprehensive healthcare coverage401(K) plan with company matchingTuition reimbursement for career developmentOn-site fitness facilitiesAccess to Diversity, Equity, & Inclusion (DE&I) programsThis role is hybrid out of Washington, DC. If you or someone you know is interested, please apply in directly!
#J-18808-Ljbffr