Ver oferta completa

SENIOR OFFENSIVE SECURITY ENGINEER

Descripción de la oferta de empleo

This position is part of the Security Group with worldwide responsibility for cybersecurity for IT, business systems, the network which extends to affiliates as well as security of products and services. As a Senior Offensive Security Engineer, you will be a key player in enhancing our organization's security posture, particularly in our cloud environments. You will lead offensive security efforts, including penetration testing, vulnerability assessments, and red teaming exercises, with a strong emphasis on cloud security. Your expertise will help identify and mitigate security threats before they can be exploited by adversaries.Key AccountabilitiesPenetration Testing and Vulnerability Assessments:Conduct comprehensive penetration tests on networks, web applications, cloud infrastructure, and other systems.Identify security vulnerabilities and provide detailed recommendations for remediation.Utilize both manual and automated tools to uncover security weaknesses.Cloud Security Testing:Perform security assessments of cloud services (e.g., AWS, Azure, Google Cloud Platform).Identify and exploit vulnerabilities specific to cloud environments.Collaborate with cloud architects and engineers to implement best security practices.Red Teaming Exercises:Plan and execute sophisticated red teaming exercises to simulate real-world attacks.Develop and deploy advanced adversarial tactics, techniques, and procedures (TTPs).Collaborate with blue teams to improve detection and response capabilities.Security Research and Exploitation:Stay updated with the latest security threats, vulnerabilities, and exploits, especially those related to cloud services.Research new attack vectors and develop proof-of-concept exploits.Share knowledge through detailed reports, presentations, and training sessions.Security Tool Development:Develop and maintain custom security tools and scripts to support offensive security operations.Automate repetitive tasks to enhance efficiency and effectiveness.Incident Response Support:Assist in the investigation and response to security incidents.Provide expertise on attacker methodologies and potential countermeasures, particularly in cloud environments.Collaboration and Communication:Work closely with cross-functional teams to integrate security practices into the development lifecycle.Communicate findings and recommendations to stakeholders in a clear and concise manner.Networking/Key relationshipsAn Offensive security engineer interacts with different stakeholders including:Information Security Team: Collaborate closely with the security team to share insights, coordinate efforts, and enhance overall security posture.IT and Cloud Infrastructure Teams: Work with IT and cloud engineers to ensure secure deployment and maintenance of systems.Development Teams: Partner with developers to integrate security practices into the software development lifecycle (SDLC).Incident Response Team: Provide support and expertise during security incidents and post-incident analysis.Senior Management: Communicate security risks, findings, and recommendations to leadership to inform strategic decisions.Minimum Knowledge & Experience required for the position:Education:Bachelor’s degree in Computer Science, Information Security, or a related field. A Master’s degree or relevant certifications (e.g., OSCP, OSCE, CISSP, CCSK, AWS Certified Security Specialty) is preferred.Experience:Minimum of 4 years of experience in offensive security, penetration testing, or red teaming.Proven track record of successfully identifying and exploiting security vulnerabilities, with significant experience in cloud security.Technical Skills:Deep understanding of networking protocols, operating systems, cloud infrastructure, and common application vulnerabilities.Proficiency with penetration testing tools such as Metasploit, Burp Suite, Nmap, Wireshark, as well as cloud-specific security tools like ScoutSuite, Prowler, and CloudSploit.Strong programming/scripting skills in languages such as Python, Bash, PowerShell, or Ruby.Cloud Security Expertise:In-depth knowledge of cloud security frameworks, methodologies, and best practices.Experience with cloud security tools and services from major cloud providers (AWS, Azure).Ability to identify and exploit cloud-specific vulnerabilities and misconfigurations.Soft Skills:Excellent problem-solving abilities and analytical skills.Strong written and verbal communication skills.Ability to work independently as well as part of a team.Skills & Capabilities:The skills and capabilities required by the position are:Technical Proficiency:Expert knowledge in penetration testing and offensive security methodologies.Advanced understanding of cloud security principles and the ability to implement them effectively.Strong capability in developing and using security tools and scripts.Analytical Thinking:Ability to think like an attacker to identify and exploit security vulnerabilities.Excellent analytical skills to assess complex systems and identify potential weaknesses.Communication Skills:Strong written and verbal communication skills to articulate security issues and recommendations to diverse audiences.Fluent English in verbal and written communicationAbility to create clear and concise documentation and reports.Problem-Solving:Strong problem-solving skills to develop innovative solutions to complex security challenges.Ability to respond effectively to security incidents and provide expert guidance.Collaboration:Ability to work collaboratively with cross-functional teams, including IT, development, and cloud infrastructure teams.Strong interpersonal skills to build effective working relationships.Continuous Learning:Commitment to continuous learning and staying updated with the latest security threats, tools, and best practices.Participation in professional development activities and security conferences.Travel requirements:Less than 10% of time
Ver oferta completa

Detalles de la oferta

Empresa
  • Werfen
Localidad
  • En toda España
Dirección
  • Sin especificar - Sin especificar
Fecha de publicación
  • 25/12/2024
Fecha de expiración
  • 25/03/2025
Asistente de atención médica Senior - Coordinador de turnos
Reach HR Consulting

Estamos buscando un asistente de atención médica senior para coordinar la prestación de atención médica... asistente de atención médica senior - coordinador de turnos - car home / asistencia domiciliaria - turnos de día y de noche - centro de atención continua y domiciliaria - cornwall reino unido reach......

Asistente de atención médica Senior - Coordinador de turnos
Reach HR Consulting

Estamos buscando un asistente de atención médica senior para coordinar la prestación de atención médica... asistente de atención médica senior - coordinador de turnos - asistencia domiciliaria / asistencia domiciliaria - turnos de día y noche - centro de atención continua y domiciliaria - cornwall reino......

Técnicos senior de radiología - Unidad de salud móvil
Reach HR Consulting

Técnicos senior de radiología - reino unido - unidad de salud móvil de imágenes reach hr es una empresa especializada en la contratación de profesionales sanitarios... apoyo y colaboración en el proceso de reserva y asegurarse de que los sistemas de información del paciente se mantengan con información......

Senior Sales Assistant - Store LIU∙JO , BARCELONA
Liu Jo SPA

Liu jo está buscando para su store en paseo de gracia, barcelona un (a) senior sales assistant... sus principales cometidos serán los siguientes: · transmitir al cliente pasión y conocimiento del producto; · desarrollar e impulsar las ventas; · recibir y acompañar a nuestra clientela de alta gama; ·......

QA Engineer
Involve rh

Confidencial cuenta con una posición como qa engineer para garantizar la calidad del software mediante pruebas exhaustivas para identificar y corregir errores antes de su lanzamiento al mercado... automatizar pruebas utilizando herramientas como selenium o appium... habilidades: automatización de pruebas......

Profesional Senior dpto fiscal-contable
ASTERSA ASESORES

Asesoramiento personalizado a la carteta de clientes, gestión de firma electrónica, presentación telemática de modelos aeat (renta- imp sociedades- iva- instrastat – sii…), planes de viabilidad, informes económicos financieros, trámites y realizació......

Analista programador senior Web y Android. Teletrabajo.
Antay mobile solutions

Entorno de servidores windows, iis, etc... requisitos del puesto capacidades: capacidad de aprendizaje y de comunicación... disponer de un entorno adecuado para trabajar desde casa (sin ruido)... experiencia en la mayor parte de los siguientes apartados : análisis y toma de requerimientos con cliente......

CALL 14-2024-1 Research Engineer for a Cloud 5G/6G Lab
Centre Tecnològic de Telecomunicacions de Catalunya

Flexibility• expected professional category: r1/r2... our institution's comprehensive analysis and hrs4r action plan meet all the requirements of progress and quality of our hr policies... cover letter stating the motivation and suitability of the candidate... it can be reached by car, train (renfe)......

Senior CRM Executive
Triskel consulting

Responsabilidades: colaborar con equipos multifuncionales para desarrollar y ejecutar estrategias efectivas de crm alineadas con los objetivos comerciales... identificar puntos de contacto para la comunicación personalizada para mejorar la satisfacción y retención del cliente... capacidad analítica......

ADMINISTRATIVE DEPARTMENT
Rainsteal Oil & Gas, UK.

Administrative department business analyst, payroll manager, marketing specialist, administration supervisor, human resources officer, financial analyst, senior marketing analyst, logistics coordinator / expert, procurement officer, secretary / office assistants / office clerks / front desk clerks, account......