Red Team Security Engineer

Job description:

Security Engineer Penetration Tester

The SolarWinds Global Information Security team is seeking a penetration tester to join our SolarWinds information security team. The candidate will be primarily conducting and overseeing various penetration testing and technical assessment activities and will lead offensive security activities that include the execution of network as well as web application penetration testing and red team operations.

This hands-on technical role will be part of the security and engineering group within the information security team and will conduct pen test engagements against the SolarWinds full-stack infrastructure, conduct product security assessments, and execute deep dive pen test engagements across multiple environments, performing intrusion testing, code review, and threat modeling. The ideal candidate will be a highly technical, passionate, and self-driven individual who loves to learn, solve problems, and contribute to the advancement of the team.

What you'll be doing

• You are a born red teamer. You see problems and solutions in everything and instinctively know your way around source code. This role requires a solid understanding of red team operations and methodology including reconnaissance, target identification, exploitation, completing objectives, and reporting. You will collaborate with software developers and systems administrators to enable robust testing of our infrastructure, SolarWinds products, and custom applications.
• You have plundered apps and pillaged networks (legally, of course) and you have a passion for hacking beyond a career it is your way of life. You may have accumulated a few disclosures, written blog posts, and given industry talks.
• You'll be running red teaming engagements, starting with research and including profiling organizations, defining attack objectives, crafting attack tree graphs, and other critical planning efforts. You will then perform operations based on that planning to achieve the attack objectives through various potential attack paths, including network, web applications, physical and social engineering, and others. You will help our customers understand their attack surface by communicating, having the ability to respond to incidents, report on steps taken and issues discovered. Additionally, you'll provide thoughtful, tailored, and actionable recommendations.
• As a red teamer, you'll solve challenging technical problems and build creative solutions in a client-facing role. As a trusted advisor, you'll provide your expert opinion to help our clients navigate complex business decisions - including how to prioritize critical findings. And as a senior penetration tester, you'll lead small teams on one-of-a-kind engagements, mentor co-workers, and contribute significantly to the advancement of our consulting practice.
• Conducting security assessments on the network, application, and cloud (AWS, Azure, GCP) as well as threat analysis, wired and wireless network assessments, and social-engineering assessments
• Performing full-scope penetration tests as per Enterprise MITRE ATT&CK matrix on live network infrastructure, services, Active Directory environments, and other systems/applications
• Assessing applications for issues surrounding authentication, authorization, user management, session management, data validation, including all common attacks such as SQL injection, cross-site scripting, command injection, error handling, auditing, and logging.
• Coordinating vendor-led penetration testing engagements
• Responsible to identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
• Developing proof-of-concept examples of exploits and scenarios for reports and perform live demonstrations for other teams.
• Performing in-depth analysis of red team engagements results and providing a detailed report that describes findings, exploitation procedures, risks, and recommendations.
• Must be available to work in North American Timings

What we're looking for

2+ years of experience as a security engineer or analyst working directly on red team engagements and penetration testing.

Able to review, modify and develop exploits in Assembly, C++, C#, VBS, Python, Perl, Ruby, PowerShell, Bash, JavaScript, Java, PHP, and other languages to exploit systems/applications, analyze data, configure systems, and automate tasks using Ansible or Terraform.

Review custom applications source code for security flaws and vulnerabilities.

Good understanding of defensive controls and how to bypass or evade them.

Experienced in modifying and using payloads for defense evasion.

Experience using and customizing commercial and open-source security assessment tools including Cobalt Strike, Metasploit, Bloodhound, Infection Monkey, Atomic Red Team, Powersploit, BurpSuite Pro/Enterprise.

Proficient in conducting purple teaming exercises and have experience in training team members about exploits and vulnerability risks.

Solid understanding of cybersecurity best practices including principles, security protocols, and standards material such as OWASP Top 10 (2017 & 2021) and SANS Critical Security Controls.

Knowledge of APT activity to simulate similar tactics, techniques, and procedures (TTP) during internal and external security assessments.

Experience running a variety of penetration testing tools, performing manual testing, validating test results, identifying the root cause, analyzing vulnerabilities, and helping develop platform-specific remediation plans.

One or more of the following security certifications are required:

• Offensive Security Certified Professional (OSCP)
• GIAC Penetration Tester (GPEN)
• GIAC Web Application Penetration Tester (GWAPT)
• eLearnSecurity Certified Penetration Tester eXtreme (eCPTX)
• eLearnSecurity Web application Penetration Tester (eWPT)