RTX
Senior Red Team Penetration Tester (Remote)
RTX, Hartford, Connecticut, 06112
Date Posted: 2024-10-31 Country: United States of America Location: UT6: 4 Farm Springs 4 Farm Springs Road, Farmington, CT, 06032 USA Position Role Type: Remote RTX Corporation is an Aerospace and Defense company that provides advanced systems and services for commercial, military and government customers worldwide. It comprises three industry-leading businesses – Collins Aerospace Systems, Pratt & Whitney, and Raytheon. Its 185,000 employees enable the company to operate at the edge of known science as they imagine and deliver solutions that push the boundaries in quantum physics, electric propulsion, directed energy, hypersonics, avionics and cybersecurity. The company, formed in 2020 through the combination of Raytheon Company and the United Technologies Corporation aerospace businesses, is headquartered in Arlington, VA. To realize our full potential, RTX is committed to creating a company where all employees are respected, valued and supported in the pursuit of their goals. We know companies that embrace diversity in all its forms not only deliver stronger business results, but also become a force for good, fueling stronger business performance and greater opportunity for employees, partners, investors and communities to succeed. The following position is to join our RTX Corporate, Enterprise Services, Research Center or BBN team: Role Overview: Enterprise Services (ES) Cybersecurity has an immediate opening for a qualified and motivated penetration tester to join RTX Cyber Defense, reporting to the Associate Director of Cyber Testing, Assessments, and Simulations. As the Sr. Red Team Penetration Tester you will be responsible to plan, communicate, coordinate, and conduct red team activities, penetration tests, and security assessments for cloud environments, applications, systems and enterprise networks while adhering to strict rules of engagement and ethical cyber behavior. What You Will Do: Scope, plan and execute penetration testing of enterprise internal and external network assets to identify and demonstrate potential vulnerabilities Conduct hands-on technical testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments, such as Cloud, infrastructure, and Windows or nix OS’s; conduct scenario-based security testing or red teaming to identify gaps in detection and response capabilities Create detailed engagement plans and thoroughly documenting findings, gaps, and remediation recommendations; ability to communicate identified risks to customers. Perform information technology security research to remain current on emerging technology risks and develop exploitive methods emulating the tactics, techniques and procedures of known adversaries. Contributes to development and implementation of tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying risk. Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure. Provide regular risk briefings to senior management on findings and develop remediation approaches and recommendations to improve cybersecurity posture Contribute and implement elements of functional strategies and operational goal to enhance and execute organizational services. Perform other duties as assigned and as required to continuously drive process excellence. Ability to travel 10-15% of time. Qualifications You Must Have Requires a University Degree or equivalent experience and a minimum 10 years of experience, or an Advance Degree and a minimum 7 years experience of relevant work experience in an environment that supports integrated risk management. 7 years of experience in security with practice in penetration testing large and complex enterprise networks and cloud environments and vulnerability assessments 5 years with utilizing penetration testing framework such as MITRE ATT&CK & OWASP Must be authorized to work in the U.S. without sponsorship now or in the future. RTX will not offer sponsorship for this position. Qualifications We Prefer Ability to execute advanced concepts such as application manipulation, exploit development, and stealthy offensive operations. Programming experience with focus on penetration testing or process automation Possess knowledge of both information security and computer science. Understanding of cloud, networking, applications, and operating system functionality Skilled in conducting non-attributable research using all available sources, including social network analysis Experience with web and mobile applications, databases, operating systems Hands-on OS configuration/administration experience Excellent communication and interpersonal skills Preferred candidate will have high degree of experience with the following technologies: Cobalt Strike, Kali Linux PowerShell, C#, GhostPack, Bloodhound Nmap, Burp Suite One Offensive Security Certification (OSCP, OSEP, OSWP, OSWA, OSWE) What We Offer: Whether you’re just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs. Some of the benefits we offer include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care. Learn More & Apply NowWork Location: RemotePlease consider the following role type definition as you apply for this role:Remote: This position is currently designated as remote. However, the successful candidate will be required to work from one of the 50 U.S. states (excluding U.S. Territories). Employees who are working in Remote roles will work primarily offsite (from home). An employee may be expected to travel to the site location as needed. The salary range for this role is 118,000 USD - 246,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate’s work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company’s performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class. Privacy Policy and Terms: Click on this link (http://www.rtx.com/privacy/Job-Applicant-Privacy-Notice) to read the Policy and Terms Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.