Full-Time Consulting Director

Consulting Director on the Offensive Security team is focused on assessing and challenging security posture across clients.

Utilizes various tools and leads client engagements.

Acts as client's advocate for cybersecurity best practices and provides strong recommendations.

1. Perform red and purple team assessments (with and without regulator oversight), assumed breach assessments (red team engagements), ransomware readiness reviews, threat analysis and social-engineering assessments.
2. Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements (e.g., Terraform, Ansible, custom payloads).
3. Conduct cloud penetration testing engagements (AWS, GCP, Azure, containers, PaaS, SaaS).
4. Lead scoping and services overview conversations, presenting with authority and articulating testing approaches to technical and executive audiences.
5. Determine processes and procedures for assignments; lead technical workstreams on large/complex engagements.
6. Lead communications with clients, ensuring prompt responses to inquiries.
7. Deliver engagements on time and on budget, upholding high quality standards.
8. Mentor and coach team members, delegating tasks and providing feedback to empower high-quality results.
9. Meet travel requirements as needed.

Experience Required:

• 12+ years of professional experience with cyber security tools, technologies, and methods focused on Red/Purple Teaming.
• Deep understanding of malicious software (malware, trojans, rootkits).
• Ability to modify/craft custom exploits.
• Experience with bypasses to security tools and weaponizing payloads for social-engineering.
• Demonstrable experience in evasion techniques.
• Strong experience with Active Directory and attack killchain.
• Experience with penetration testing, administering, troubleshooting Linux, Windows, major cloud IaaS/PaaS/SaaS providers (AWS, GCP, Azure).
• Experience with scripting and programming (Perl, Python, Ruby, Bash, C/C++, C#, Java).
• Ability to read/use results of mobile/malicious code and anti-virus software.
• Experience with threat-intelligence-led red teaming frameworks (e.g., CORIE, CBEST, TIBER-EU).
• Track record of championing innovation and improvement.
• Bachelor's degree in Information Security, Computer Science, or equivalent experience/military experience.
• Professional industry certifications (OSCE, OSCP, CREST CRT, GPEN, CCSAS).

What is the last date for applying to the job?

Which countries are accepted for this remote job?