GoSecure offers a creative and challenging work environment, a competitive benefit package, and a great atmosphere to foster career growth. Come put your career on the leading-edge and bring your talents to a much sought-after high growth opportunity in technology- GoSecure!

Summary

Technical leads are specialized members of the security testing services team. Their day-to-day duties consist in performing various types of security tests for customers. Tests may include network assessments of various kinds, application testing, phishing exercises, red team assessments, physical security assessments, code reviews, embedded device assessments, and other types of security tests.

As a technical lead for the adversary emulation services, resources are expected to adopt the practices associated with the associated services including but not limited to purple teaming and red teaming. This includes researching new associated techniques, improving the testing methodology, coaching and/or assisting other employees, developping new tools, and any other tasks beneficial to the quality of deliverables.

Duties and responsibilities

• Perform security test, in accordance to our methodology, and report the technical findings in a report. Tester may have to present the report to clients with varying level of technical knowledge
• Answers clients’ inquiries via phone or email in a professional and timely manner and act as an advisor to the client
• Stay up-to-date on information technology trends, security standards and IT security news
• Develop and improve tools and scripts associated with adversary emulation
• Work on Operational security (OPSEC) procedures and defensive technologies bypasses
• Improve the testing methodology, documentation, and templates associated with adversary emulation
• Advise the director of ethical hacking in setting the vision related to adversary emulation
• Coach other employees in techniques, tools and methodology in regard to this expertise
• Improve knowledge and conduct research in regard to the state of the art of the expertise
• Write publications associated with the field of expertise
• Other duties as required

Qualifications

- Required

• 3 years of relevant experience.
• Bachelor’s degree in related field and/or equivalent education/experience.
• Hold the OSCP certification or a more advanced certification.
• Eligible for Secret Clearance and no criminal records.
• Knowledge of common pentesting methodologies (PTES, OSTMM), vulnerability scoring framework (CVSS, DREAD) and attack knowledge bases (Mitre Att&ck, OWASP Top 10)
• Excellent technical understanding of adversary emulation practices and defensive technologies bypasses
• Ability to perform common types of intrusion testing engagements (network testing, application testing, red teaming, etc.)
• Good ability to communicate and simplify security concepts and vulnerabilities in a written and oral format
• Good capacity to evaluate and explain business impact of vulnerabilities
• Excellent ability to multitask and meet deadlines
• Ability to teach to and lead less experiences resources
• Curiosity and desire to stay up to date on security vulnerabilities
• Ability to travel up to 20%

- Desirable Qualities

• Energetic and positive attitude
• Knowledge of programming and/or scripting languages
• Reverse Engineering experience
• Good knowledge of detection bypass techniques