Senior Offensive Cybersecurity Engineer

We’re currently looking for a Senior Cyber Security Analyst (Remote) to join our InfoSec Offensive Vulnerability Management, Threat Intelligence, Application Code Scanning, Penetration Testing team in Mexico City or Aguascalientes. Additionally, this role serves across all areas of threat intelligence to help inform and defend the business and protect brand reputation. Given that vulnerability management and risk exposure extend across all technical systems enterprise-wide, responsibilities of this position include identifying assets and vulnerabilities, reporting, remediation, and continuous assessment.

Job Duties:

• Manage vulnerabilities across applications, endpoints, databases, networking devices, and mobile, cloud, and third-party assets.
• Conduct continuous discovery and vulnerability assessment of enterprise-wide assets.
• Document, prioritize, and formally report asset and vulnerability state, along with remediation recommendations and validation.
• Communicate vulnerability results in a manner understood by technical and non-technical business units based on risk tolerance and threat to the business, and gain support through influential messaging.
• Procure and maintain tools and scripts used in asset discovery and vulnerability status.
• Leverage vulnerability database sources to understand each weakness, its probability, and remediation options, including vendor-supplied fixes and workarounds.
• Conduct tactical assessments that require expertise in social engineering, application security (web and mobile), physical methods, lateral movement, threat analysis, internal and external network architecture, and a wide array of commercial and bring-your-own (BYO) products.
• Develop and maintain tools and scripts used in penetration-testing and red team processes.
• Support purple team exercises designed to build strength across disparate teams.
• Work closely with the security operations center (SOC) to leverage intelligence sources, identify new threats in the wild, and verify the organization’s security posture against them.
• Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats in the wild and verify the organization’s security posture against them.
• Regularly research and learn new TTPs in public and closed forums, and work with colleagues to assess risk and implement/validate controls as necessary.
• Maintain an active database comprising third-party assets, their vulnerability state, remediation recommendations, overall security posture, and potential threat to the business.

Skills and Experience:

• 5+ years' experience in information security administration, offensive tactics, monitoring, and incident response.
• Proficient in scripting languages such as Python, PowerShell, Bash, and Ruby.
• Competent with testing frameworks and tools such as Burp Suite, Cobalt Strike, Kali Linux, Nessus, and PowerShell Empire.
• Experience conducting penetration-testing/red team engagements as a consultant or within a previous role in a professional organization.
• Strong operating system knowledge across *nix, Windows, and Mac; proficient with networking protocols.
• Proficient with vulnerability management solutions such as Qualys, Nessus, Kenna Security, Tanium, and open source tools.
• Experience stabilizing systems to run minimal application requirements, least privilege, and additional host hardening.
• Understanding of Windows and *nix operating systems, endpoint applications, networking protocols, and devices.
• Preferably some experience with vulnerability management across Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP).
• Experience conducting organization-wide vulnerability scanning and remediation processes.
• Ability to obtain and maintain persistence within corporate systems while avoiding detection.
• Familiarity with defensive and monitoring technologies such as intrusion prevention/detection systems (IPS/IDS), security information and event management systems (SIEMs), firewalls, endpoint protection (EPP), and endpoint detection/response (EDR) tools, as well as user and entity behavior analytics (UEBA).
• Understanding of OWASP, the MITRE ATT&CK framework, and the software development lifecycle (SDLC).

Education:

• Bachelor's degree in a related discipline or equivalent work experience.