Adaptive Threat Replication Engineer

Bank of America
Published
November 18, 2021
Location
Denver, CO
Category
Job Type

Description

Job Description:

The Adaptive Threat Replication (aka Red) team within the Cyber Security Defense division of GIS is looking for a talented and experienced engineer to join a team of world-class offensive security (Red Team) talent.  This engineer will assist in mentoring, training, and actively testing with a suite of teams who validate controls, test technologies, replicate threats, and research emerging threats.  The engineer in this role is expected to provide technical expertise to junior engineers, coordinate with senior leadership on development projects, and assisting the monitoring and response function understand the techniques used so those functions can practice and improve their capability to respond and recover against a realistic threat actor. The engineer in this role should be equally capable of operating on an assessment and mentoring less experienced subordinates.

Required Skills:
- Must have experience effectively interacting with a diverse set of personalities and talent
- Must be able to effectively communicate to anyone in the organization, from the most technical operator to the least technical business partner
- Must be very proficient with the common tools associated with penetration testing (Metasploit, Burp Suite, Cobalt Strike, etc.)
- Must have a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals
- Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
- Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
- Ability to effectively code in a scripting language (Python, Perl, etc.)
- Desirable certifications:  OSCP, GPEN, OSCE
- Prefer previous experience working in the financial industry

Enterprise Position Overview: Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains or reviews security systems and assesses security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information. Follows standard practices and procedures in analyzing situations or data. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band:

H4

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

-->

Job Description:

The Adaptive Threat Replication (aka Red) team within the Cyber Security Defense division of GIS is looking for a talented and experienced engineer to join a team of world-class offensive security (Red Team) talent.  This engineer will assist in mentoring, training, and actively testing with a suite of teams who validate controls, test technologies, replicate threats, and research emerging threats.  The engineer in this role is expected to provide technical expertise to junior engineers, coordinate with senior leadership on development projects, and assisting the monitoring and response function understand the techniques used so those functions can practice and improve their capability to respond and recover against a realistic threat actor. The engineer in this role should be equally capable of operating on an assessment and mentoring less experienced subordinates.

Required Skills:
- Must have experience effectively interacting with a diverse set of personalities and talent
- Must be able to effectively communicate to anyone in the organization, from the most technical operator to the least technical business partner
- Must be very proficient with the common tools associated with penetration testing (Metasploit, Burp Suite, Cobalt Strike, etc.)
- Must have a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals
- Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
- Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
- Ability to effectively code in a scripting language (Python, Perl, etc.)
- Desirable certifications:  OSCP, GPEN, OSCE
- Prefer previous experience working in the financial industry

Enterprise Position Overview: Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains or reviews security systems and assesses security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information. Follows standard practices and procedures in analyzing situations or data. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band:

H4

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

The Adaptive Threat Replication (aka Red) team within the Cyber Security Defense division of GIS is looking for a talented and experienced engineer to join a team of world-class offensive security (Red Team) talent.  This engineer will assist in mentoring, training, and actively testing with a suite of teams who validate controls, test technologies, replicate threats, and research emerging threats.  The engineer in this role is expected to provide technical expertise to junior engineers, coordinate with senior leadership on development projects, and assisting the monitoring and response function understand the techniques used so those functions can practice and improve their capability to respond and recover against a realistic threat actor. The engineer in this role should be equally capable of operating on an assessment and mentoring less experienced subordinates.

Required Skills:
- Must have experience effectively interacting with a diverse set of personalities and talent
- Must be able to effectively communicate to anyone in the organization, from the most technical operator to the least technical business partner
- Must be very proficient with the common tools associated with penetration testing (Metasploit, Burp Suite, Cobalt Strike, etc.)
- Must have a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals
- Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
- Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
- Ability to effectively code in a scripting language (Python, Perl, etc.)
- Desirable certifications:  OSCP, GPEN, OSCE
- Prefer previous experience working in the financial industry

Enterprise Position Overview: Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains or reviews security systems and assesses security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information. Follows standard practices and procedures in analyzing situations or data. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Apply
Drop files here browse files ...

Related Jobs

Retail Merchandiser   Federal Heights, CO new
December 8, 2021
December 8, 2021
Senior Network Engineer   Englewood, CO new
December 8, 2021
AM Kitchen Helper   Aurora, CO new
December 8, 2021

Author: