Overview (Consultant at IOActive):
IOActive is a comprehensive, high-end information security services firm with a long and established pedigree in delivering elite security services to its customers. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment through to semiconductor reverse engineering. Founded in 1998, IOActive is headquartered in Seattle, USA, with operations throughout the Americas, EMEA, and Asia-Pac.
Senior Red Team Security Consultant
IOActive is a cutting-edge firm that blends opportunities for career and personal advancement with a positive and challenging work environment. We seek talented people with broad, robust skill sets from around the world to join our diverse, growing team.
Our consultants are able to deliver high-quality, on-time services and products on client engagements. They have gifted technical minds with deep experience in programming and application security, infrastructure security, tool development, and source/code architecture review. Our consultants can identify, test, and articulate client vulnerabilities, provide practical recommendations, and adapt to new technologies and practices that raise the bar of computer security standards.
Due to explosive growth, we are hiring a Senior Red Team Security Consultant in the US.
The IOActive Security Consultant is a technically skilled professional with a comprehensive knowledge of red team operations, social engineering, and penetration testing. A Security Consultant is primarily responsible for providing security consulting services to a wide variety of clients across multiple time zones.
A Security Consultant maintains a close working relationship with IOActive clients before and during complex and deeply technical engagements as the Consultant drives projects to completion. A Security Consultant finds and reports vulnerabilities at both a technical and non-technical level. He or she has the knowledge to make appropriate, clear, and direct mitigation recommendations.
Deliver on all aspects of client engagements with the highest level of quality client service, including:
- Performing adversarial full scope Red Team engagements, collaborative Purple Team assessments, Penetration Tests and Social Engineering campaigns.
- Participating in the requirements gathering and engagement kick-off processes
- Producing high quality reports that identify vulnerabilities including appropriate recommendations
Demonstrate skills in the following areas (at a minimum):
- 5 years+ Adversarial Red Team Operations
- Deep understanding of latest tactics, techniques and procedures (TTP) used by threat actors
- Experience working with and modifying C2 frameworks to bypass security controls
- Advanced knowledge of Windows Internals
- Ability to develop custom tools or scripts to assist with Red Team tasks
- Understanding of Active Directory, AzureAD and M365
- Programming skills in C#, C, Python, Rust, Powershell, Bash etc.
- Familiar with security operations and modern defenses employed by enterprise defenders throughout the cyber kill chain
- Experience with threat hunting, incident response, and security analysis tools is a plus
- Enthusiastic and self-motivated team player.
- Strong ability to provide delivery of high-quality, on-time assessments
- Strong written and verbal language skills
- Well-honed communication skills
- Ability to listen to and interpret client requirements in order to recommend relevant solutions
Candidates are preferred to have earned one or more of the following:
- Offensive Security Experienced Pentester (OSEP)
- Offensive Security Exploitation Expert (OSEE)
- Certified Red Team Operator (CRTO)
- CREST Certified Simulated Attack Specialist (CCSAS)
- CREST Certified Infrastructure Tester (CCT-INF)
- 401(k) matching
- Dental insurance
- Disability insurance
- Employee assistance program
- Health insurance
- Life insurance
- Opportunities for advancement
- Paid time off
- Vision insurance
- The salary range for this position is $90000-175000 annually
Why I O Active:
We have over 20 years of experience that’s established and stable; yet high-growth with the energy, passion and dynamic work environment of a startup.
We are renowned for our innovation and thought leadership within our high-profile, cutting edge space.
We’re one of “the good guys” doing crazy cool stuff to thwart bad guys in a critically important business, social and political arena. Our work is great fun with great importance.
Above all else, we value our people and our customers. Relationships matter.
IOActive is proud to be an Equal Opportunity Employer.