| cyber security engineer -- Hybrid (1-2 days a week on site) Auburn Hills, MI at Auburn, Pennsylvania, USA |
| Email: [email protected] |
| From: khizer, Wise IT Inc [email protected] Reply to: [email protected] $55 per hour Please submit candidates that fit the following job description. Please include (candidates with full information will get quicker attention): Full Name (First, Middle, Last): Location: Phone (No VoIP/Google phone numbers- need direct contacts): Email (NO marketing emails, need most established personal email ID): Last 5 digits of SSN: Work authorization status in the US: Availability: Rate confirmation: Actual RATE to CANDIDATE (required for this vendor): LinkedIn address : Location: Hybrid (1-2 days a week on site) Auburn Hills, MI Duration: 02/29/24, should continue to extend out Interviews: Video Offensive Cyber Security Engineer The Offensive Security Engineer roams the information environment, emulating adversary tactics, techniques, and procedures. Conducts scheduled penetration tests against corporate assets, builds and executes proof-of-concept exploits and continuously probes for weaknesses. This role requires deep knowledge of attack vectors, exploits, network protocols, and common mistakes. Primarily works with commercial, open source, and custom tooling to demonstrate how an adversary's actions can impact business operations. Guides and mentor's other contributors to red team positions. Leads development of new attack and reporting tools. Works closely with Hunt and SOC disciplines to hone detections. Required Skills & Experience: Identifies threat vectors unique to the cyber-attack surface. Requires deep knowledge of attack vectors, exploits, network protocols, and common mistakes Experience emulating adversary tactics, techniques, and procedures Conducting penetration tests against corporate assets Building and executing proof-of-concept exploits Experience with Hunt and SOC disciplines to hone detections Experience with Cloud, Embedded, Linux, Physical, Windows devices Adversary emulation: Identifies weaknesses with high impact or probability of use. Illustrates how an adversary will interact, and the impacts of those interactions. Illustrates how an adversary will take advantage of company resources to use them against us. Participation in purple team events. Continuous improvement of tooling to evade detections. Conducts penetration tests against web applications. Exploits vulnerabilities in Cloud, Embedded, Linux, Physical, or Windows devices. Exploit Execution and Development: Customizes exploit code for known and emerging exploits (SR -- novel) Conducts emerging threat and threat landscape research. Conducts expert malware reversal and research. Company Expert Penetration Testing Provides expert guidance on how penetration testing can solve problems. Work closely with partners in Cyber and Technology to solve problems. Serves as the escalation point for cyber incidents, events, and malware research. Identifies threat vectors unique to the cyber-attack surface. Planning and Organizing Identifies & evaluates projects, products, and solutions to enhance threat detection and other capabilities. Provides expert guidance on highly complex, large projects to incorporate cyber and fraud detection capabilities and considerations. Participates in industry working and information sharing groups. Administration Keeps management informed of status of threats, the threat landscape, and current incidents and events through appropriate reporting. Actively participates on committees representing Cybersecurity. Keeps abreast of leading-edge technologies in the threat detection space. Keywords: information technology Idaho Michigan |
| [email protected] View all |
| Tue Sep 19 21:17:00 UTC 2023 |