Assessments & Exercises Lead Penetration Testing

As an Assessments & Exercises Lead in the Cyber and Tech Controls line of business you will contribute significantly to enhancing the firms cybersecurity posture by using industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in people processes and technology. Design and deploy risk-driven tests and simulations (or manage a highly-skilled team that does) and inform analysis to clearly outline this role you will evaluate preventative controls incident response processes and detection capabilities and advise cross-functional teams on security strategy and risk management.

Job responsibilities

• Design and execute testing and simulations such as penetration tests adversary emulation assessments collaborative technical controls assessments and cyber exercises and contribute to the development and refinement of assessment methodologies tools and frameworks to ensure alignment with the firms strategy and compliance with regulatory requirements
• Evaluate controls for effectiveness and impact on operational risk as well as opportunities to automate control evaluation
• Collaborate closely with cross-functional teams to develop comprehensive assessment reports including detailed findings risk assessments and remediation recommendations making data-driven decisions that encourage continuous improvement
• Utilize threat intelligence and security research to stay informed about emerging threats vulnerabilities industry best practices and regulations. Apply this knowledge to enhance the firms assessment strategy and risk management. Engage with peers and industry groups that share threat intelligence analytics

Required qualifications capabilities and skills

• 5 years of experience in cybersecurity with demonstrated exceptional organizational skills to plan design and coordinate the development of offensive security testing assessments or simulation exercises
• Knowledge of US financial services sector cybersecurity organization practices operations risk management processes principles regulations threats risks and incident response methodologies
• Ability to identify systemic security issues as they relate to threats vulnerabilities or risks with a focus on recommendations for enhancements or remediation and proficiency in multiple security assessment methodologies (e.g. Open Worldwide Application Security Project (OWASP) Top Ten National Institute of Standards and Technology (NIST) Cybersecurity Framework) and offensive security testing tools
• Excellent communication collaboration and report writing skills with the ability to document and explain complex technical details in a concise understandable manner to individuals with a variety of both technical and non-technical backgrounds
• Strong understanding of the following: Windows/Linux/Unix/Mac operating systems; OS and software vulnerability and exploitation techniques; commercial or open-source offensive security tools for reconnaissance scanning exploitation and post exploitation (e.g. Cobalt Strike Metasploit Burp Suite); networking fundamentals (all OSI layers protocols); Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) providers in both private and public (AWS Azure) environments; DevOps; incident response; threat hunting; and familiarity with interpreting log output from networking devices operating systems and infrastructure services
• Manual penetration testing and assessments experience (beyond running automated tools) against a wide variety of applications including web mobile and thick clients internal and external facing infrastructures

Preferred qualifications capabilities and skills

• Hold relevant industry certifications such as Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) or those offered by Offensive Security (OSCP OSEP OSED OSEE OSCE) CREST (Certified Simulated Attack Specialist Registered Penetration Tester Certified Infrastructure Tester) or SANS (GPEN GXPN GWAPT) showcasing advanced expertise in cybersecurity and offensive testing methodologies
• Technical knowledge or experience developing proof of concept exploits and in house scripting using interpreted languages such as Python Ruby or Perl compiled languages such as C C C# or Java and security tools or technology such as Firewalls IDS/IPS Web Proxies DLP
• Intelligence Community/Security Services background knowledge of malware packing obfuscation persistence exfiltration techniques and understanding of financial sector or other large security and IT infrastructures
• Experience querying log sources within large centralized logging platforms e.g. Splunk Elastic Cloudera