RESPONSIBILITIES
Deliver technical cyber security assessment services such as penetration testing, source code review, security architecture review, red / purple team exercises and tabletop exercises.
Keep up to date with the latest exploitation techniques and procedures through research and access to our training platforms and intelligence sources
Assist with writing and delivering presentations for diverse audiences, ranging from industry groups / events to private industry clients
Assist with DFIR investigations, as needed.
ESSENTIAL REQUIREMENTS :
These qualities are considered most important to performing the role :
Demonstrated ability to conduct penetration testing, vulnerability assessments, red teaming
Experience using open-source and commercial cyber security testing tools and frameworks
Familiarity with CWE, CVSS, OWASP, Mitre ATT&CK frameworks and scoring systems
Ability to work with minimal supervision and guidance
Ability to quickly learn new tools and techniques and adapt to new environments
A pro-active and results driven mindset with a desire to collaborate and learn
Good written and spoken English skills
Ability to communicate effectively with both technical and non-technical audiences
A passion for deep dive on technical subjects and the ability to focus intensely on solving complex technical puzzles.
Good time management and organizational skills
Comfortable working alone or in small teams on very specialized engagements
DESIRABLE REQUIREMENTS :
Not essential, but candidates demonstrating the following qualities may be given priority selection :
Bachelor’s Degree or higher in Computer Science, Engineering or other relevant field
Software development and scripting experience
Hardware engineering, maker or hardware hacking experience
Be familiar or experienced with Active Directory security
Good knowledge of Cloud technology and security
Prior participation in CTF or Bug Bounty programs
Creating or contributing to open-source software projects, media or groups related to cyber security.
Prior experience presenting at meetups or conferences, delivering training or running workshops
Public speaking experience
Experience with DFIR or blue team / SOC experience
Reverse engineering experience
Vulnerability research experience and exploit development
Possession of relevant accreditation such as CREST, OSCP, GIAC, CRTP / CRTE, CISSP, etc. 
