Jones Lang LaSalle Incorporated
Senior Offensive Security Operator (Red Team)
Jones Lang LaSalle Incorporated, Chicago, Illinois, United States, 60290
Senior Offensive Security Operator (Red Team)
JLL empowers you to shape a brighter way .Our people at JLL and JLL Technologies are shaping the future of real estate for a better world by combining world class services, advisory and technology for our clients. We are committed to hiring the best, most talented people and empowering them to thrive, grow meaningful careers and to find a place where they belong. Whether you’ve got deep experience in commercial real estate, skilled trades or technology, or you’re looking to apply your relevant experience to a new industry, join our team as we help shape a brighter way forward.Senior Offensive Security OperatorThis position will be responsible for designing and delivering, both individually and collaboratively, security testing against a range of technologies and operational processes to continuously assess JLL’s global attack surface. The role will execute and provide custom written deliverables related to testing and remediation or mitigation guidance across a variety of engagements that are planned and ad hoc; long and short term; disclosed and undisclosed. The ideal candidate will be experienced and comfortable simulating adversaries with a range of capabilities and intents representative of the threat landscape.Primary ResponsibilitiesPlan, execute, and report on testing against managed and unmanaged devices running Windows, Linux, MacOS, and iOSPlan, execute, and report on authenticated and unauthenticated web application testing, to include executing specific attack methodologies targeting API vulnerabilitiesPlan, execute, and report on testing against cloud environments with a focus on identifying gaps in cloud-native security configurationsPlan, execute, and report on testing against embedded systems, with an emphasis on OT employed in commercial property technologiesPlan, execute, and report on testing against physical security and Wi-Fi vulnerabilitiesAbility to develop and execute custom tools as necessaryAbility, as part of Purple Team engagements, to develop and validate detection methodologies based on testing findingsAbility to advise developers on code-based fixes to address application vulnerabilities discovered during testingAbility to advise on hardening as well as identity proofing and authentication mechanisms to address vulnerabilities identified during testingJob Requirements8+ years of technical cybersecurity experience with at least 5 years of offensive security experienceExperience developing and conducting Red Team and Purple Team engagements against Enterprise IT users and online applicationsExperience with vulnerability discovery within and exploitation of embedded systemsExperience with reverse engineering both firmware and softwareExperience developing and deploying custom persistence and exfiltration toolsExperience writing and delivering reports from testing engagementsExperience leveraging testing findings to develop detection and prevention methodologies leveraging security technologies to include SIEM and EDRExperience executing web application penetration testsAbility to communicate remediation guidance to developersAbility to adapt and prioritize in a fast-paced work environmentExcellent written and oral communication skillsWork independently and within a team to build relationships and interact effectively with business partners.A desire to work within a diverse, collaborative, and driven professional environment.Estimated total compensation for this position:
140,000.00 – 190,000.00 USD per yearThe total compensation range is an estimate and not guaranteed. An employment offer is based on an applicant's education, experience, skills, abilities, geographic location, internal equity and alignment with market data.Location:
Remote – Chicago, ILIf this job description resonates with you, we encourage you to apply, even if you don’t meet all the requirements. We’re interested in getting to know you and what you bring to the table!Personalized benefits that support personal well-being and growth:401(k) plan with matching company contributionsComprehensive Medical, Dental & Vision CarePaid parental leave at 100% of salaryPaid Time Off and Company HolidaysJLL Privacy NoticeJones Lang LaSalle (JLL), together with its subsidiaries and affiliates, is a leading global provider of real estate and investment management services. We take our responsibility to protect the personal information provided to us seriously. Generally the personal information we collect from you are for the purposes of processing in connection with JLL’s recruitment process. We endeavour to keep your personal information secure with appropriate level of security and keep for as long as we need it for legitimate business or legal reasons. We will then delete it safely and securely.This position may require you to be fully vaccinated against COVID-19. If required, you’ll be asked to provide proof that you’re fully vaccinated upon your start date. You’re considered fully vaccinated two weeks after you receive the second dose of a two-dose vaccine series (e.g., Pfizer or Moderna) or two weeks after a single-dose vaccine (e.g., Johnson & Johnson/Janssen). Failure to provide proof of vaccination may result in termination.Jones Lang LaSalle (“JLL”) is an Equal Opportunity Employer and is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process – including the online application and/or overall selection process – you may contact us at Accommodation Requests. This email is only to request an accommodation. Please direct any other general recruiting inquiries to our Contact Us page.Accepting applications on an ongoing basis until candidate identified.
#J-18808-Ljbffr
JLL empowers you to shape a brighter way .Our people at JLL and JLL Technologies are shaping the future of real estate for a better world by combining world class services, advisory and technology for our clients. We are committed to hiring the best, most talented people and empowering them to thrive, grow meaningful careers and to find a place where they belong. Whether you’ve got deep experience in commercial real estate, skilled trades or technology, or you’re looking to apply your relevant experience to a new industry, join our team as we help shape a brighter way forward.Senior Offensive Security OperatorThis position will be responsible for designing and delivering, both individually and collaboratively, security testing against a range of technologies and operational processes to continuously assess JLL’s global attack surface. The role will execute and provide custom written deliverables related to testing and remediation or mitigation guidance across a variety of engagements that are planned and ad hoc; long and short term; disclosed and undisclosed. The ideal candidate will be experienced and comfortable simulating adversaries with a range of capabilities and intents representative of the threat landscape.Primary ResponsibilitiesPlan, execute, and report on testing against managed and unmanaged devices running Windows, Linux, MacOS, and iOSPlan, execute, and report on authenticated and unauthenticated web application testing, to include executing specific attack methodologies targeting API vulnerabilitiesPlan, execute, and report on testing against cloud environments with a focus on identifying gaps in cloud-native security configurationsPlan, execute, and report on testing against embedded systems, with an emphasis on OT employed in commercial property technologiesPlan, execute, and report on testing against physical security and Wi-Fi vulnerabilitiesAbility to develop and execute custom tools as necessaryAbility, as part of Purple Team engagements, to develop and validate detection methodologies based on testing findingsAbility to advise developers on code-based fixes to address application vulnerabilities discovered during testingAbility to advise on hardening as well as identity proofing and authentication mechanisms to address vulnerabilities identified during testingJob Requirements8+ years of technical cybersecurity experience with at least 5 years of offensive security experienceExperience developing and conducting Red Team and Purple Team engagements against Enterprise IT users and online applicationsExperience with vulnerability discovery within and exploitation of embedded systemsExperience with reverse engineering both firmware and softwareExperience developing and deploying custom persistence and exfiltration toolsExperience writing and delivering reports from testing engagementsExperience leveraging testing findings to develop detection and prevention methodologies leveraging security technologies to include SIEM and EDRExperience executing web application penetration testsAbility to communicate remediation guidance to developersAbility to adapt and prioritize in a fast-paced work environmentExcellent written and oral communication skillsWork independently and within a team to build relationships and interact effectively with business partners.A desire to work within a diverse, collaborative, and driven professional environment.Estimated total compensation for this position:
140,000.00 – 190,000.00 USD per yearThe total compensation range is an estimate and not guaranteed. An employment offer is based on an applicant's education, experience, skills, abilities, geographic location, internal equity and alignment with market data.Location:
Remote – Chicago, ILIf this job description resonates with you, we encourage you to apply, even if you don’t meet all the requirements. We’re interested in getting to know you and what you bring to the table!Personalized benefits that support personal well-being and growth:401(k) plan with matching company contributionsComprehensive Medical, Dental & Vision CarePaid parental leave at 100% of salaryPaid Time Off and Company HolidaysJLL Privacy NoticeJones Lang LaSalle (JLL), together with its subsidiaries and affiliates, is a leading global provider of real estate and investment management services. We take our responsibility to protect the personal information provided to us seriously. Generally the personal information we collect from you are for the purposes of processing in connection with JLL’s recruitment process. We endeavour to keep your personal information secure with appropriate level of security and keep for as long as we need it for legitimate business or legal reasons. We will then delete it safely and securely.This position may require you to be fully vaccinated against COVID-19. If required, you’ll be asked to provide proof that you’re fully vaccinated upon your start date. You’re considered fully vaccinated two weeks after you receive the second dose of a two-dose vaccine series (e.g., Pfizer or Moderna) or two weeks after a single-dose vaccine (e.g., Johnson & Johnson/Janssen). Failure to provide proof of vaccination may result in termination.Jones Lang LaSalle (“JLL”) is an Equal Opportunity Employer and is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process – including the online application and/or overall selection process – you may contact us at Accommodation Requests. This email is only to request an accommodation. Please direct any other general recruiting inquiries to our Contact Us page.Accepting applications on an ongoing basis until candidate identified.
#J-18808-Ljbffr