Senior Red Team Consultant

Yesterday

Apply Now

Receive Emails with Similar Jobs

Bishop Fox

WebsiteLinkedInAll Job Openings

Outfox Attackers

Computer Security • Risk Assessment • Pentesting • Information Security • Architecture Security

201 - 500

💰 $46M Series B on 2022-11

Description

• Bishop Fox is the leading authority in offensive security, providing solutions ranging from continuous penetration testing, red teaming, and attack surface management to product, cloud, and application security assessments. • We’re seeking remote, US-based hacking professionals focused on red teaming to join our team – and help us build a more secure world. • You are a born red teamer; you see problems -and solutions- in everything. • As a senior-level consultant, you’ll solve challenging technical problems and build creative solutions in a client-facing role. • You will help our customers understand their attack surface by communicating, ability to respond to incidents, report on steps taken, and issues discovered. • We embrace diversity and an inclusive culture. We value our employees and who they are, which fosters a powerful and collective talent base to successfully serve our clients and the security community with unparalleled expertise.

Requirements

• 5+ years of offensive security experience in supporting a variety of engagements with clients from a variety of industries • Working knowledge of all common operating systems such as Windows, MacOS, Linux, ChromeOS, iOS, and Android • Expertise in Windows Active Directory exploitation and lateral movement • Working knowledge of “cloud” platforms (AWS/Azure/GCP and O365/Google Workspace) and container technologies (Kubernetes/Docker) • Experience with custom tool and payload development, as well as reverse engineering, and evasion techniques • Proficiency in multiple programming languages (preferably Python, Golang, JavaScript/TypeScript, C#, C/C++, PowerShell, and/or Bash) • Network and web-related protocol knowledge (e.g., TCP/IP, HTTP, HTTPS, etc.) • Demonstrated experience with social engineering, conducting reconnaissance, development, and delivery of phishing/vishing pretexts as well as an understanding of email security technologies and other related countermeasures • Excellent written and verbal communication skills • Nice to have: • Expertise in exploit development and/or assembly (x86/arm) • Threat modeling, threat intelligence, or incident response experience • Experience with DevOps and CI/CD technologies • Experience conducting physical penetration testing engagements, including entry skills, RFID hacking, and alarm bypasses • Blockchain security experience • OSCP/E, GWAPT, GPEN, or GXPN certifications can be helpful, but are not a necessity