The Breach and Attack Simulation Engineer role will provide ongoing support to the Regional Security Operations program. In this role the Breach and Attack Simulation Engineer is expected to perform offensive security activities to support the creation and management of continuous threat-based scenarios.
Essential Functions:
- Create, deploy, and manage continuous threat-based scenarios to validate or improve security infrastructure.
- Utilize offensive tooling and custom scripts to create and automate workflows and emulations.
- Develop metrics and reports that express validity of security structure and/or progression on threat coverage.
- Work with Detection Engineers to review emulation results to create detections and alerts.
- Educate Analysts on techniques used and alerts generated through automated or manual emulations for improved triaging by the blue team.
- Collaborate with Cyber Threat Intelligence and other teams on new and pressing threats to emulate and measure.
- Contribute to red/purple team engagements.
- Identify and maintain visibility of security tool coverage.
Requirements
- Offensive security experience with a passion for creating and automating workflows and emulations.
- Coding/scripting skills in popular languages such as C and Python.
- Extensive experience of offensive security.
- Extensive experience with EDR, AV, Firewall, and Email Security tooling.
- Proficiency in effective communication and documentation.
- Ability to express security issues and impact clearly to any audience.
Preferred Qualifications:
- Breach and Attack tooling experience (AttackIQ, Caldera, Atomic Red Team, etc.).
- A solid understanding of the need to continuously test security infrastructure.
- Security write-ups, security/automation projects.
- Aspiration to continuously challenge yourself and hold yourself to a higher standard of expertise and readiness to tackle cybersecurity challenges, using tools such as HackTheBox and TryHackMe.
- Blue team mindset & experience is a plus.
Benefits
NOTE FOR RECRUITERS: DO NOT INCLUDE IF YOU POST JD ONLINE
DO NOT POST
6 month C2H
Dallas, TX is ideal, to come to the Plano office for meetings. "Hybrid by choice." Potential for remote, pending experience.
Offensive security experience is essential; it needs to be ingrained in their resume. They should be extremely knowledgeable about the tools that they use, and be able to do scripting and effectively try on a continuous basis.
We are not looking for a candidate who directly protects our environment; they are not looking for attackers or malicious activity. They need to have experience where they are performing "malicious activity" with their company to see holes in infrastructure.
DO NOT POST