Job Summary
As a principal member of the Figment Security Red Team, your responsibility will be to design and execute campaign-based security testing for Figment. This will involve targeting multiple types of assets. Successful applicants should have the ability to evaluate environments, applications, systems, or processes to identify vulnerabilities. Furthermore, they should be able to translate these findings into practical attack strategies for real-world scenarios.
- Minimum Qualification: Degree
- Experience Level: Mid level
- Experience Length: 4 years
Job Description/Requirements
Responsibilities:
- Document processes, procedures, and workflows for Red Team operations.
- Perform a full range of Red Team activities, including network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, social engineering testing, and detection evasion techniques.
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
- Collaborate with senior leadership to enhance the Red Team strategy and improve the company's security posture.
- Effectively communicate findings and strategies to client stakeholders, including technical staff, executive leadership, and legal counsel.
- Provide practical and risk-appropriate recommendations to address vulnerabilities.
- Configure and safely use attacker tools, tactics, and procedures in Figment environments.
- Enhance Figment's red teaming processes by developing and improving scripts, tools, and methodologies.
- Offer recommendations and guidance to enhance the defensive capabilities of the team and its ability to defend the Figment Enterprise.
- Provide mentoring and training to Blue Team members and actively participate in cross-team security exercises.
- Provide technical expertise and support during incident response and assist in creating post-incident action plans.
Qualifications:
- Bachelor's degree or four or more years of work experience
- Experience in network penetration testing and manipulation of network infrastructure.
- Experience in API and web application assessments.
- Experience in email, phone, or physical social-engineering assessments.
- Experience in shell scripting or automation of simple tasks using Bash, Perl, Python, or Ruby.
- Experience developing, extending, or modifying exploits, shellcode or exploit tools.
- Experience with container orchestration management tools.
- Experience with source code review for control flow and security flaws.
- Experience with Red, Blue, or Purple teaming exercises.
- Strong knowledge of tools used for wireless, web application, container and network security testing, such as Kali Linux, Metasploit, Burp Suite, Core Impact, Cobalt Strike, Nessus, Web Inspect, and Scuba.
- Strong technical writing.
Important Safety Tips
- Do not make any payment without confirming with the Jobberman Customer Support Team.
- If you think this advert is not genuine, please report it via the Report Job link below.