We are are partnered with a leading real estate data analytics company to bring on a Senior Security Engineer to join their offensive security team. This role requires a technical leader who can drive advanced red team engagements and coordinate purple team activities to enhance their security posture. This engineer will conduct thorough adversary emulation and penetration testing, providing strategic insights to fortify our organization's defenses.
Responsibilities
- Plan, execute, and lead advanced red team engagements, including vulnerability assessments, penetration testing, and exploitation to identify and mitigate security risks.
- Simulate sophisticated adversary techniques to test and improve defensive controls, employing tools and methodologies that accurately emulate real-world cyber threats.
- Engage in purple team activities, working closely with the defensive security team to strengthen detection capabilities and response processes.
- Create custom payloads and exploits (using languages such as C, C++, and C#) to test the resilience of systems and applications, with a focus on evading EDR systems.
- Work closely with threat intelligence, vulnerability management, and SOC teams to improve the organization's security posture through robust security assessments.
- Deliver detailed reports on findings, risk implications, and recommendations, providing clear, actionable intelligence to enhance defensive strategies.
Requirements
- Bachelor's degree in Computer Science, Cybersecurity, or a related field preferred.
- Minimum of 3 years in offensive security roles, including red teaming, penetration testing, and vulnerability research.
- 6+ years in technical roles in security, networking, systems, or software development.
- Relevant certifications such as OSEP, OSCP, CRTO, or GXPN.
- Proficient in scripting languages including Bash, Python, and PowerShell.
- Hands-on experience with key tools: NMAP, Burp Suite, Kali Linux, Bloodhound, Cobalt Strike, Sliver, Mythic.
- Deep knowledge of Windows Active Directory exploitation techniques and C2 frameworks.
- Skilled in evading EDR systems and understanding of defensive control evasion.
Benefits
- Comprehensive healthcare coverage
- 401(K) plan with company matching
- Tuition reimbursement for career development
- On-site fitness facilities
- Access to Diversity, Equity, & Inclusion (DE&I) programs
This role is hybrid out of Washington, DC. If you or someone you know is interested, please apply in directly!
