Senior Offensive Security Consultant (Cloud)
Senior Offensive Security Consultant (Cloud)
Soteria - Security Solutions & Advisory
United States
See who Soteria - Security Solutions & Advisory has hired for this role
As a senior member of Soteria’s Offensive Security team, you will be focused on leading and performing red team assessments, penetration tests, vulnerability assessments in a variety of cloud-based environments. You will play a key role on the OffSec team as the cloud security assessment subject-matter expert, leading engagements and working with clients to help them identify and solve security challenges.
Core Responsibilities:
Core Responsibilities:
- Perform cloud penetration testing, red teaming, application testing, and vulnerability assessments.
- Engage with prospective clients in pre-sales meetings and provide technical input for scoping engagements.
- Drive Soteria’s Offensive Security cloud offerings.
- Support the OffSec team as needed on traditional network penetration testing, web and mobile application security testing, source code reviews, vulnerability analysis, wireless network assessments, red team exercises, physical testing, and social engineering assessments.
- Communicate with prospective and existing clients to understand their cloud security needs, business requirements, and other motivating factors.
- Develop tailored tactical and strategic recommendations to address findings.
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
- Lead offensive security engagements through the entirety of project lifecycles, including kickoff, delivery, and closeout.
- Research and incorporate attacker tools, tactics, techniques, and procedures.
- Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements.
- Perform quality assurance peer reviews of Advisory and Offensive Security assessment reports and deliverables.
- Assist Soteria Leadership in the development of security standards and best practices for the organization and recommend security enhancements as needed.
- Manage relationships with clients post-engagement as a trusted security partner.
- Maintain competence in security trends, technologies, and practices through self-study and participation in the security community.
- Collaborate with Soteria's Detection and Response Team (DART) to develop new capabilities for detecting bleeding edge offensive techniques.
- Coach and mentor offensive security team members.
- Provide continual improvement to offensive security team processes and documentation.
- Along with billable consulting, this role will require strong soft skills.
- Cloud platforms (AWS, Azure, and GCP)
- Modern web technologies
- Network environments (internal, external, and wireless)
- Active Directory
- Physical security
- Mobile applications
- 5-7 years of experience in at least three of the following:
- Cloud penetration testing and red teaming
- Network red team operations and purple team delivery, including adversary emulation
- Network penetration testing and manipulation of network infrastructure
- Web and/or mobile application assessments
- Developing, extending, or modifying exploits, shellcode or exploit tools
- Developing applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE)
- Reverse engineering malware, data obfuscators, or ciphers
- Source code review for control flow and security flaws
- Previous experience working for internal or external customers in a consultant capacity
- Strong knowledge of tools used for network, cloud, web application, and wireless security testing.
- Thorough understanding of network protocols and data on the wire.
- Experience with automation of tasks using languages such as Powershell, Perl, Python, Ruby, etc.
- Ability to successfully interface with clients (internal and external).
- Ability to document and explain technical details in a concise, understandable manner.
- Ability to manage and balance time among multiple competing tasks.
- Mastery of *nix/Mac/Windows operating systems GUI and terminal.
- Prolonged periods of sitting at a desk and working on a computer.
- Flexible hours as determined by client needs.
- Medical, Dental, Vision, Life and Disability insurance covered 100% for Employee and 50% for family members.
- Employer funded single HSA account
- Flexible work hours around core hours
- Paid time off of 24 days with an additional 12 paid holidays
- Professional development allowance
- 401k optional
-
Seniority level
Mid-Senior level -
Employment type
Full-time -
Job function
Information Technology -
Industries
Computer and Network Security
Referrals increase your chances of interviewing at Soteria - Security Solutions & Advisory by 2x
See who you knowGet notified about new Senior Security Consultant jobs in United States.
Sign in to create job alertSimilar jobs
People also viewed
-
Offensive Security Consultant
Offensive Security Consultant
-
Associate Cyber Security Engineer (DHS)
Associate Cyber Security Engineer (DHS)
-
Security Consultant, Assessment Services - Remote | WFH
Security Consultant, Assessment Services - Remote | WFH
-
Security Consultant, Assessment Services - Remote | WFH
Security Consultant, Assessment Services - Remote | WFH
-
Cyber Security Consultant
Cyber Security Consultant
-
Identity Management Consultant
Identity Management Consultant
-
Senior Cyber Security Engineer
Senior Cyber Security Engineer
-
Sr SME Cyber Security Consultant (W2 Remote)
Sr SME Cyber Security Consultant (W2 Remote)
-
Staff Cyber Security Engineer
Staff Cyber Security Engineer
-
Senior Identity Engineer/Cyber Security Engineer
Senior Identity Engineer/Cyber Security Engineer
Looking for a job?
Visit the Career Advice Hub to see tips on interviewing and resume writing.
View Career Advice Hub