Security Consultant II (Breach and Attack Simulation)

NetSPI

NetSPI

IT
Remote
Posted on Jul 9, 2024
Title

Security Consultant (Penetration Tester – Breach and Attack Simulation (Purple Team))

Category Services
Description

NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance. We help secure the most trusted brands on Earth with our Penetration Testing as a Service (PTaaS), Attack Surface Management (ASM), and Breach and Attack Simulation (BAS) solutions. Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI brings a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.

NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers.


We are seeking an experienced professional with demonstrated technical depth and breadth in cybersecurity as well as the soft skills to effectively communicate with executive and technical teams. In this role, you'll have the ability to work alongside a world-class team using top-tier custom tools. Applicants are expected to leverage strong problem-solving skills, as well as lead, collaborate, and innovate to deliver high-quality exercises and exceptional experiences for our customers.


A day in the life of a NetSPI purple teamer:

  • Perform Breach and Attack Simulation (purple team) engagements.
  • Perform External and Internal Network penetration tests.
  • Analyze well known and trending threats to develop new techniques and procedures.
  • Develop detection logic for new threats and help personalize detection guidance for clients.
  • Evade host and network level controls using a variety of methods.
  • Test detective control capabilities within client environments.
  • Create and deliver engagement reports to clients.
  • Collaborate with clients to create remediation strategies that will help improve their security posture.

Other important tasks you'll partake in:

  • Research and develop innovative techniques, tools, and methodologies for penetration testing services.
  • Help define and document internal, technical, and service processes and procedures.
  • Contribute to the community through the development of tools, presentations, white papers, and blogs.

The experience you'll need to be successful:

  • Experience required (one of the following or equivalent):
    • at least 2 years of Penetration Testing Experience
    • at least 1 year of Threat Hunting and/or Detection Engineering Experience
    • at least 3 years of SOC Analyst experience and an offensive specific certification, (OSCP, GXPN, CRTO etc.)
  • Bachelor’s degree or equivalent experience
  • Familiarity with common MITRE ATT&CK TTPs and detection methods
  • Familiarity with TTP detection development related to endpoints, databases and networks
  • Familiarity with offensive toolkits used for network and application penetration testing
  • Familiarity with offensive and defensive IT concepts
  • Knowledge of Linux and/or Windows administration
  • Up to 25% travel

If you have any of the below, that would be a plus:

  • Experience with SIEM tools, EDR solutions, and intrusion detection systems
  • Familiarity with network security technologies (firewalls, IDS/IPS, VPNs)
  • Knowledge of SOC management operations
  • Knowledge of incident response procedures and forensic investigation techniques
  • Threat Intelligence experience
  • Red team experience
  • Cobalt Strike experience
  • Programming experience in one or more of the following languages: Python, C, C++, Java, C#, Rust, Nim, or Go
  • CRTO, GXPN, GPEN, OSCP or similar certifications

#LI-Remote

Location Remote
About the Organization NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so businesses can protect what matters most.

Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI helps security teams take a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.

By continually advancing solutions such as Penetration Testing as a Service (PTaaS), Attack Surface Management (ASM), and Breach and Attack Simulation (BAS), NetSPI goes beyond the noise to deliver high impact results and recommendations based on business needs, so customers can protect their priorities, perform better, and innovate with confidence.

NetSPI secures the most trusted brands on Earth, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, three of the five largest healthcare companies, four MAMAA companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500.
EOE Statement We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
Email None Specified

supervisorUID None Specified

This position is currently accepting applications.

Apply Now