An ICE Information Security Red Team Senior Engineer is part of the information security assurance group driving security improvement through continuous assessment of our threat landscape.
Duties and Responsibilities
- Red Teaming - models atomic and scenario-based red team testing ranging from social engineering and phishing through control evasion and 0-day exploit development. Leverages and refines the condensed ICE kill chain framework, Mitre ATT&CK, and internally-developed priorities to probe weaknesses and identify opportunities for improvement. Evaluates and manages a wide array of third-party red team vendors to conduct frequent (monthly) on and off-site advanced threat and insider emulation campaigns across worldwide offices.
- Threat Automation: creates, develops and manages projects and products that continuously simulate new and emerging security threats and threat actors. Writes, validates and augments tools to support our evolving security requirements, use cases and organizational threat goals. Evaluates and implements software with scalability and repeatability in mind, ensuring that security controls are accurate and measurable.
- Vulnerability Scanning: runs and manages vulnerability scans. Maintains and continuously improves the vulnerability scanning infrastructure. Proactively seeks to minimize operational impact through vulnerability scanning process improvement.
- Red Team Intelligence: plans, develops and manages unique red team projects to support strategic information security goals. Gains deep insight into infrastructure, applications, business, operational and personnel processes to accurately inform on security risks and vulnerabilities. Emulates and applies real world threat intelligence and attacker techniques to effectively test organizational security. Stays informed, and tenaciously pursues applicable attack paths.
- Documenting and effectively publishing technology guidance and repeatable processes
- Mentoring peers in groups and individually
- Improving processes and introducing superior technology
- Taking initiative to learn business goals, liaise with other departments, and identify ways to increase productivity in other ICE groups and offices
Knowledge and Experience
- University degree in Computer Science, Engineering, MIS, CIS, or related discipline
- Scripting, software engineering, and system administration
- Offensive Security Certified Professional (OSCP) qualification