Senior Red Team Consultant
Senior Red Team Consultant
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Stratum Security is looking for a senior-level red team security specialist to expand our team.
Stratum is a boutique infosec consulting firm specializing in network application and cloud security assessments. This role is part of our offensive security team which conducts adversarial simulations for Stratum customers in various industries. You will be a key player on a team of like-minded people who love the art of ethical hacking and adversary emulation.
Our founders were pen testers who founded Stratum in 2005 to create a place for great security professionals to focus on their work and not big company headaches.
We are not fans of standard job descriptions so we compiled this FAQ. Its how we like consuming information and think it works better than the typical format.
Tell me more about the position.
You will simulate real-world attacks against Stratum customers using the same tools techniques and processes that threat actors use. Then you are expected to provide the customer with solid recommendations to prevent or detect successful attacks. Its really that simple.
This is a consulting role so there is high expectation for your ability to present information to both technical and non-technical audiences. You will be interacting with customer personnel at all levels and serving as a representative of Stratum. This includes conducting engagement kick-off meetings providing updates as required handling project issues and explaining attack paths/chains along with security recommendations. Your ability to help customers understand your attack methodology why certain risks matter (or not) and how best to improve their security posture is your prime responsibility.
Other than red teaming you will help to improve our overall offensive security capability. This may include evolving our attack methodologies mentoring other team members creating tools sharing new techniques and conducting research on new vulnerabilities and attack vectors. We also love it when team members want to write a blog post speak at local security conferences or get a speaking slot at an industry event.
Q: What are some of the specific responsibilities and tasks for this position
A: A Senior Red Team member is responsible for:
Conducting comprehensive adversarial simulations against organizations
Leading red team engagements
Providing customers with expert security recommendations based on findings
Preparing attack narratives and reports in Stratums simple template; delivering engagement briefings to customers as needed
Conducting peer reviews on other team members reports
Mentoring mid-level red teamers as needed
Q: What technical skills are required
A: A Senior Red Team member needs to have the following technical skills:
Strong understanding of enterprise security controls concepts solutions etc.
Strong understanding of endpoint protection (e.g. EDR) bypass and evasion
Strong understanding of Microsoft Active Directory and associated technology concepts within the context of offensive operations
Strong understanding of Linux within the context of offensive operations
Strong understanding of various C2 frameworks post-exploitation operations etc.
Familiarity with cloud platforms such as AWS and Azure
Familiarity with phishing attacks credential-harvesting domain name and DNS configuration malicious attachments etc.
Required Experience:
Senior IC
Employment Type
Full-Time
