Informatic Technologies, Inc.
Sr Security Engineer
Informatic Technologies, Inc., , NY, United States
Principal Responsibilities
- Lead red team exercises against a hybrid environment using threat intelligence and the MITRE Telecommunication &CK Framework.
- Participate in purple team exercises that are intelligence driven to test cyber detections
- Build and maintain Red and Purple team infrastructure, automating functions where possible.
- Continually research new offensive security tactics, techniques, and procedures and communicate knowledge of the same to other team members.
- Conduct ad-hoc offensive security testing using industry standard tools and/or internally developed tools.
- Lead report creation activities including compromise narratives and detailed technical findings with appropriate risk severity ratings, tactical and strategic recommendations to reduce risk levels, peer review of team's deliverables.
- Assist cyber defense teams during incident investigations providing subject matter expertise on attacker tradecraft and mindset.
- Interface with other information security departments, as well as other technology departments and business stakeholders to raise awareness of security issues and to provide knowledge sharing on remediation.
- Active contributor to Red and Purple Team activities for internal presentations and conferences
- Position RequirementsApprox 8 years' experience with industry standard Red Team testing tools (Cobalt Strike, Mythic C2, Rubeus, Bloodhound, Covenant, etc.); or the ability to demonstrate equivalent knowledge.
- Expert understanding of how an Advanced Persistent Threat could compromise a financial institution without using phishing.
- Expert understanding of Red Team concepts, tools, and automation strategies.
- Expert understanding of MITRE Telecommunication&CK framework tactics, techniques, and procedures.
- Expert understanding of measuring and rating vulnerabilities based on principal characteristics of a vulnerability.
- Expert understanding of Windows and Linux system hardening concepts and techniques.
- Expert understanding of modifying payloads to bypass detections like EDR.
- Expert understanding of how to compromise a company without using phishing.
- Strong understanding with at least one scripting language (Python, Ruby, PowerShell, Bash, etc.).
- Experience with at least one cloud environment (AWS, GCP, Azure).
- Experience attacking cloud, on-prem and/or hybrid environments from initial access all the way through actions on objective.
- Nice to havePrevious experience of Red Team project delivery to include creation and execution of statement of work, risk mitigation strategies, and working with stakeholders to remediate findings.
- Experience of using multi operating system command and control tools.
- Experience developing custom attack tradecraft or modifying existing tools.
- Experience using automated configuration management such as Chef.
- Experience discovering and exploiting vulnerabilities in AI systems.
- Experience of conducting Offensive Security and/or Red Team exercises against macOS, iOS, or ChromeOS.
- Recognized industry certifications such as, but not limited to, GPEN, GXPN, GREM, eCPTX, eCPPT, OSCP, OSWE, CISSP, CPSA, CRT, etc.
- Knowledgeable in Industry Security standards (i.e.: TIBER-EU, CBEST, NIST Cyber Security Framework, ISO27002, etc.).
- Knowledgeable in Agile project management.