Looking for Sr Security Engineer Position in Chicago, IL (Onsite - Hybrid)
Sr Security Engineer
Location: Chicago, IL (Onsite/Hybrid, in office 2 days)
Duration: 12 Months
Description:
Principal Responsibilities
Lead red team exercises against a hybrid environment using threat intelligence and the MITRE ATT&CK Framework.
Participate in intelligence-driven purple team exercises to test cyber detections.
Conduct ad-hoc offensive security testing using industry standard tools and/or internally developed tools.
Lead report creation activities, including compromise narratives and detailed technical findings with appropriate risk severity ratings, tactical and strategic recommendations to reduce risk levels, and peer review of the team's deliverables.
Assist cyber defence teams
Position Requirements
Approximately 8 years' experience with industry standard Red Team testing tools (Cobalt Strike, Mythic C2, Rubeus, BloodHound, Covenant, etc.), or the ability to demonstrate equivalent knowledge.
Expert understanding of how an Advanced Persistent Threat could compromise a financial institution without using phishing.
Expert understanding of Red Team concepts, tools, and automation strategies.
Expert understanding of MITRE ATT&CK framework tactics, techniques, and procedures.
Expert understanding of modifying payloads to bypass detections like EDR.
Strong understanding of at least one scripting language (Python, Ruby, PowerShell, Bash, etc.).
Experience with at least one cloud environment (AWS, Google Cloud Platform, Azure).
Nice to have
Experience discovering and exploiting vulnerabilities in AI systems.
Experience conducting Offensive Security and/or Red Team exercises against macOS, iOS, or ChromeOS.
Recognized industry certifications such as, but not limited to, GPEN, GXPN, GREM, eCPTX, eCPPT, OSCP, OSWE, CISSP, CPSA, CRT, etc.
Knowledgeable in industry security standards (e.g., TIBER-EU, CBEST, NIST Cyber Security Framework, ISO27002).