Dark Wolf Solutions is looking for a Red Team Penetration Testerto join our team. The successful candidate will have extensive experience in security testing of web application, mobile applications, APIs, cloud hosted application, containers and on-prem data centers. The Red Team Lead will perform and lead all Red Team Operations as directed by management while also leading and tracking discovered vulnerabilities, triage remediation tasks, and assignment to system owners. The successful candidate will apply root cause analysis to identify and assess problems and key drivers of success, all while staying aware of current business and industry trends relevant to the business of and cybersecurity. The Red Team Lead will be responsible for performing qualitative and quantitive risk analysis and maintain regular contact with teams to manage remediation and advise as required. Dark Wolf is the prime contractor for this effort. We are seeking a respected leader who demonstrates excellent communication skills, and aligns with our company's core values. Key responsibilities may include but are not limited to:
- Performing both internal and external penetration testing of network infrastructure and applications.
- Performing Red Team assessments including physical, social engineering, and network exploitation.
- Performing well-controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases.
- Demonstrating advanced understanding of business processes, internal control risk management, IT controls, and related standards.
- Effectively communicating findings and strategy to stakeholders, including technical staff and executive leadership.
- Identifying and evaluating complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
- Participating in regular Purple Team exercises and performing adversary simulations to test defense controls.
- Assisting with scoping prospective engagements, leading engagements from kickoff through remediation.
- Working closely with the Blue Team to test the efficacy of existing alerts and help create new detections.
- Creating findings reports and effectively communicating findings to stakeholders.
- Contributing to enhancing the team's toolkit.
- Writing custom scripts to automate tasks related to finding new vulnerabilities
- Maintaining the playbook to continually improve company penetration testing methodologies and threat modeling.
Required Qualifications:
- 10+ years of experience in Penetration testing, Red Team and Purple Team
- Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience
- Advanced knowledge in common penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Empire, KALI Linux etc.)
- Must have a demonstrable understanding of voice and data networks, major operating systems, active directory, cloud technologies
- Must demonstrate knowledge of MITRE s ATT&CK framework, execute and chain TTP s
- Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
- Ability to optimally code in a scripting language (Python, Bash, PowerShell, Rust, C, C++, Golang, etc.)
- BA/BS degree in Computer Science
- US Citizenship and eligibility to obtain a Secret security clearance
Desired Qualifications:
- CRTO, OSCP, other relevant certifications
This position is primarily remote but asks for support in areas where a Dark Wolf Office is located, including Charleston, SC, Herndon, VA, Colorado Springs, CO, Tampa, FL, Ogden, UT or Omaha, NE.
The salary range for this position is estimated to be between $150,000.00 - $200,000.00, commensurate on experience and technical skillset.
We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.