Information Security Red Team Lead

Location: Atlanta, GA
Date Posted: 06-18-2018
Compensation: Commensurate with experience
Location: Atlanta (Mid-Town)
Job Description
This position will be required to work collaboratively with Information Technology, other business units, and information security personnel.  The person filling this role will define a program for examining our own systems and infrastructure from an adversarial perspective (i.e., penetration testing), helping us identify and remediate points of exposure, weakness, or misconfiguration. This position will also define a program for researching cybersecurity capabilities and weaknesses of railroad-specific equipment and systems, supplementing broadly available research of common platforms from outside the organization and completing our view of technology upon which we depend for operation. Lastly, this position will serve as the point of coordination for all engagement of external resources for penetration testing.
Principal Duties:
The Information Security Red Team Reconnaissance and Research Lead will be a member of the Information Security group and a key leader for improving the overall information security program.  The candidate will establish a formal cyber security testing program which will include highly sophisticated penetration tests designed to develop a reliable assessment of the enterprise’s cyber defense capabilities.   
Responsibilities include:
  • Design and implement the Information Security Red Team program
  • Conduct planned and targeted tests of enterprise systems in order to expose any weaknesses before real adversaries may take advantage of them
  • Coordinate and lead all external and internal penetration testing
  • Develop detailed discovery reports for management and technical audiences
  • Recommend mitigation strategies to protect the confidentiality, integrity, and availability of our data and systems
  • Participate in team on-call rotation
  • Perform other duties as assigned
Job Related Experience:
Preferred Level: 3-7 years
  • Preferred Level: Bachelor’s Degree (BS)
  • Preferred Majors: Computer Science or Information Systems, Specialization in Information Security/Assurance is a plus
Licenses / Certifications:
  • Preferred: GIAC Penetration Tester (GPEN)
  • Offensive Security Certified Professional (OSCP)
Skills Required:
  • 3-5 years of information security testing & evaluation
  • 3+ years penetration testing
  • Ability to develop and execute practical penetration tests that assess the enterprise cyber defense posture
  • Thorough understanding of the latest security principles, techniques, and protocols
  • Experience with security assessment tools (Nmap, Nessus, Metasploit, Netcat, Core Impact)
  • Competent knowledge of risk management and threat intelligence analysis
  • Expert ability with scripting languages such as Python and PowerShell
  • Detailed knowledge of database and operating system security
  • Experience with network security, networking technologies, and network monitoring tools
  • Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
  • Familiarity with web-related technologies (web applications, web services, service-oriented architectures) including the OWASP Top Ten
  • Strong verbal and written interpersonal communications skills and ability to deal effectively with business partners, peers, and management
  • Must have the demonstrated ability to work with a diverse team and lead/assist in developing and improving an information security program of a large enterprise
Nice to Have
  • Knowledge of ICS/SCADA networks, architecture, devices, and protocols to include components of Positive Train Control (PTC)
  • Embedded systems design
  • Experience with mobility and cloud security
Work Conditions
  • On-Call: Yes (Rotation: 1 every 8 weeks)
  • Weekend Work: As Required
  • Travel Required: 0-2 Days per Month