Washington DC, US-United States
Posted 5 days ago
| About The Company This company pioneers short-form video creation and social engagement, boasting a vast, engaged user base. Its platform empowers users with creative tools, filters, and effects. With a diverse content ecosystem, it’s a hub of creativity and expression. The proprietary algorithm ensures personalized content feeds, enhancing user engagement and satisfaction. This company wields significant influence on digital media, making it an invaluable partner for innovative collaborations and marketing endeavors. Responsibilities – Engagement in all phases of Red Team security operations – Work within the Red Team to perform physical exploitation, network exploitation and social engineering assessments against authorized targets – Perform network reconnaissance and open source intelligence gathering – Configure and safely utilize attack tools, tactics, and procedures against authorized our targets – Develop scripts, tools, or methodologies to enhance our red teaming capabilities – Help to execute the Red Team strategy to further enhance our security posture – Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel – Fluent and proficient in English to enable delivery of verbal and written reports and presentations to both technical and executive audiences – Provide risk-appropriate and pragmatic recommendations to correct identified flaws, vulnerabilities and misconfigurations – Provide guidance to advance the defensive capabilities of the Business Operations team and its subsequent ability to defend – Understand business processes, internal control risk management, IT controls and related standards – Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement – Understand clients’ business environment and basic risk management approaches – Build and nurture positive working relationships with internal clients with the intention to exceed their expectations Minimum Qualifications – Bachelors’ Degree or industry equivalent work experience in IT, Computer Engineering or a similar field – Relevant, recent and verifiable experience in information security and adversary simulation – Detailed knowledge of global cyber threats, threat actors, and the tactics, techniques and procedures used by cyber adversaries, specifically those targeting the financial services sector – 5+ years experience in two or more of the following areas: – Network penetration testing and manipulation of network infrastructure – Web application penetration testing assessments – Email, phone, or physical social-engineering assessments – Developing, extending, or modifying exploits, shell code or exploit tools – Experience with Red, Blue, or Purple teaming exercises – Open to travel as the need arises to perform testing on-site e.g. Data centers, office locations etc. (Estimated Frequency: once per month) Preferred Qualifications – Experience in large scale information technology implementations and operations preferred – Industry certifications such as OSCP, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN |
Job Features
| Job Category | QA & Testing |
| Seniority | Junior / Mid IC |
| Base Salary | $130,000 - $225,000 |
| Recruiter | nicole.wong@ocbridge.ai |
