Senior Offensive Security Consultant
SpecterOps is looking for a Senior Offensive Security Consultant to work on the Consulting Services team as operators, trainers, and program developers. The Adversary Simulation service line primarily works in large commercial enterprises conducting offensive assessment services (red team assessments, penetration tests, defensive capability tests, and specialty security assessments), supporting internal offensive programs, delivering training courses, and supporting research and development efforts. Our consultants work both onsite and offsite in diverse environments supporting our customers, anywhere from developing toolsets in support of operations to briefing executives.A successful candidate will have excellent technical skills, impeccable soft skills, and be a well-organized, self-directed individual.Salary Range: Base salary annually, commensurate with experience. Associate Consultant - $100,000 - $125,000Consultant - $125,000 - $145,000Senior Consultant - $145,000 - $170,000Location: This position is remote, based in the U.S. with optional travel quarterly for in person company events and other ad hoc meetings.Candidate must be authorized to work and reside in the United States; we do not currently sponsor immigration visasResponsibilitiesPlan and conduct offensive engagements ranging in size, scope, focus, and approachEffectively communicate findings, attack paths, and recommendations, and strategy to technical and executive client stakeholders through written reports and verbal presentationsBuild scripts, tools, or methodologies to enhance offensive servicesServe as a subject matter expert (SME) in one of the following areas: initial access, intelligence analysis, adversary tradecraft, offensive Windows/Nix/macOS operations, evasion operations, or technical capability developmentUtilize common offensive security testing tools and tradecraftStay up to date with cutting-edge adversary tradecraft and vulnerabilitiesEffectively communicate successes and obstacles with fellow team members and team lead(s)Interface with client contact(s) and staff in a constructive and professional mannerCoordinate and prepare for internal and customer facing meetingsAssist with scoping prospective engagements, participating in technical testing from kickoff through remediation, and mentoring less experienced staffTrain team members in adversary Tactics, Techniques, and Procedures (TTPs) and toolsContribute new or improve existing content for SpecterOps training courses and assist in the delivery of course offerings (instruction, lab support, etc)Requirements (All Positions)Ability to travel domestically and internationally; up to an average of 25% annuallyMust be able to pass a criminal background checkDesire to embody our core values of passionate curiosity, consistent improvement, empathy, sustainability, humility, and empowerment through transparency Associate Consultant: As an Associate Consultant, your primarily responsibility will be to learn. You will engage, participate, and contribute to the execution of a variety of services and projects. In doing so, you will actively develop a basic understanding of the SpecterOps Adversary Simulation service line and develop skills in one or more technical areas.Desired Qualifications: Foundational knowledge of offensive security concepts and assessmentsFoundational knowledge of security principles, policies, and industry best practicesWorking knowledge of Windows and *NIX-based operating systemsWorking knowledge of networking conceptsWorking knowledge of Active DirectoryWorking knowledge of programming or scripting languages, such as C#/.NET, C++, Python, PowerShell, Bash, etcAptitude for technical writing, including assessment reports, presentations and operating proceduresStrong written/verbal communication and interpersonal skillsDetermination to better self and the overall information security community through research efforts and release through blog posts, conference talk delivery, open-source tool release, and white paper publicationWillingness to support delivery of public and private training offerings (e.g., providing lab support, fielding student questions, etc)Consultant: As a Consultant, you will independently contribute to significant services and projects. You will be responsible for the entire lifecycle of small to medium-size services and projects.Desired Qualifications-Must meet the desired qualifications for an Associate Consultant, plus the following:Foundational knowledge of defensive security concepts and assessmentsWorking knowledge of offensive security concepts and assessmentsWorking knowledge of common regulatory requirements and governance frameworksProficient with Windows and *NIX-based operating systems and related offensive techniquesProficient with networking concepts and related offensive techniquesProficient with Active Directory and related offensive techniquesAbility to lead small to medium sized services and projectsAbility to communicate effectively with customers, team members and upper management for project deliveryAbility to contribute to the majority of offensive security service offerings (e.g., red team, penetration test, web application security assessment, cloud security assessment, defensive capability test, etc) as part of a team for the full project lifecycleStrong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracySenior Consultant: As a Senior Consultant, you will be responsible for the entire lifecycle of significant services and projects.Desired Qualifications - Must meet the desired qualifications for a Consultant, plus the following:A clear expert in one or more service lines and/or technical areasAbility to lead and execute majority of offensive security service offerings (e.g., red team, penetration test, web application security assessment, cloud security assessment, defensive capability test, etc)Experience leading small teams and engagementsExperience managing multiple projects at onceExperience communicating with clients and delivering presentationsExperience independently managing client projectsWillingness to develop and deliver training content as a lead course instructorWillingness to mentor and train fellow consultantsNice to Haves (All Positions)Bachelor's degree in a technical fieldExperience participating in and/or leading Fortune 1000 and/or large Federal Government security assessmentsPublic community contributions (e.g., conference presentations, blog posts, white papers, public tool development)Experience in administering, attacking, or defending Windows/Active Directory, Linux, and/or macOS environmentsExperience in technical writingExperience working for a service-based information security consultancyExperience developing and/or providing technical trainingDesire to teach and train students in offensive techniquesDesire to travel internationally and domestically on a more frequent basisWhat We OfferHealth/Dental/Vision/life insurance: 100% covered for both the employee and their family Flexible time off policy 13 paid holidays annually 401(k) with up to 4% company match Equity and quarterly bonuses based on company performance Remote work: $1,500 first year allowance to set up home office $500 annual home office allowance after first year $150 monthly cell phone and internet reimbursement $5,000 annual professional development allowance $5,250 towards continuing education or student loan repayment $1,200 annual budget for lifestyle, wellness, pet insurance and moreA one-time $10,000 benefit towards family planning Open intellectual property policies; allow researchers to retain rights over open-sourced research toolsIn person and virtual employee events throughout the year And of course, company swag! All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. To request reasonable accommodations, please contact us at [email protected] Unsolicited resumes are not acceptedOriginally posted on Himalayas
Apply Now
Apply Now