Loading...
Share this Job
Apply now

Apply for Job

Red Team Security Researcher

Date: 
Location: 

United States

Job Category:  Security Services

About CyberArk

CyberArk is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including more than 50 percent of the Fortune 500, to protect against external attackers and malicious insiders.

Job Description

CyberArk Software is seeking a Red-Team Engineer for the expanding Red-Team located in Newton, Massachusetts.

Looking at the security market today, there are more and more companies viewing Red- Teaming as a mandatory service which provides senior management tools to prepare against the inevitable Cyber-attack. Most Security companies today offer either defensive or offensive services/products while seeing the other side as a direct competitor. But having both types of service which can leverage one another, it allows CyberArk to offer a unique offering to its clients. The Red-Team service is provided at pre or post-sale once the client already has purchased our product and implemented it. Red-Team engagement provides a tangible method of assessing the value of Cyber-Ark solutions and opportunities for other Cyber-Ark solutions.

Responsibilities

  • Provide our clients with real life actionable deliverables which allows the client to understand what attackers will/can do during an attack and what they can do to mitigate these risks
  • At the pre-sale phase, offer a service to potential clients to show how adversaries leverage existing TTP’s (tactics, techniques and procedures) in a real attack- the key point is providing real adversary simulation vs. limited scope penetration testing
  • Design, plan and execute threat actor simulation scenarios using complex adversarial TTP
  • Researching emerging threats, vulnerabilities disclosures and incident response reports; conducting cyber research into emerging threats, vulnerabilities disclosures and incident response plans
  • Report risks and ensure offensive security tools and techniques are within regulation and policy procedures
  • Evaluate risks and detect and create solutions that are tailored toward each individual customer
  • Validate threats and pursue mitigation's (including those that might fall outside Cyber-Ark offerings)
  • Record outcomes and escalate to leadership when necessary
  • Other duties as assigned



  •  

Qualifications

  • The successful candidate will have a minimum Bachelor's Degree in Computer Science or related discipline coupled with 5+ years experience in cybersecurity penetration testing or red-team activity or a minimum of a high school diploma coupled with 8+ years experience
  • Self-motivated, enthusiastic, team player willing to work independently as well as cross-functionally
  • Attention to detail and ability to recognize and resolve discrepancies
  • Strong written and verbal communication skills
  • Superior ability to multi-task and prioritize
  • Proficient with Cobalt Strike or other C2 frameworks
  • Offensive Security Certifications, examples: OSCP OSCE, OSWE- preferred
  • Knowledge of penetration testing and/or red-teaming activities
  • Understanding of Windows or Unix internals for exploit development helpful
  • Professional experience in both offensive and defensive information security disciplines is strongly desirable

Apply now

Apply for Job