Information Security Specialist, Red Team Lead

5 - 7 years experience  • 

Salary depends on experience
Posted on 03/20/18
Raleigh, NC
5 - 7 years experience
Salary depends on experience
Posted on 03/20/18

Responsibilities: 

  • Perform penetration tests and Red Team exercises against Phreesia’s range of infrastructure, applications, products, and services 
  • Simulate Red v. Blue interactions and incorporate lessons learned to improve Phreesia’s defenses 
  • Perform vulnerability scanning and secure configuration testing of information systems hosted across diverse platforms 
  • Lead threat analysis and attack modeling to identify weaknesses in defenses, including network segmentation analysis and firewall reviews 
  • Serve as advisor and subject-matter-expert of advanced adversary, offensive security objectives and tactics 
  • Work closely with infrastructure and development teams to foster a culture of risk management, and increase awareness of threats and potential vectors of attack 
  • Develop processes for vulnerability monitoring and alerting of Phreesia’s technology stack 
  • Consult on regulatory and compliance requirements 

Qualifications: 

  • OSCP-certifiedactively pursuing OSCP, OSCEOSWE certification (or similar), or equivalent knowledge and skills 
  • > 7 years of Information Security experience5 years performing network and application-layer penetration tests and assessments required 
  • Experience in performing Red Team campaigns, maturing organizational vulnerability management practices 
  • Experience training internal teams on offensive security tactics and defenses 
  • Experience with architectural risk analysis and secure SDLC a plus 
  • Experience with public bug bounty programs and CTF exercises a plus 
  • Experience developing secure applications a plus
Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.