Consulting Director, Offensive Security

Summary

Join our team as a Consulting Director, Offensive Security and lead a team of technical security consultants in assessing and challenging the security posture of Unit 42's clients. As a key member of our team, you will provide strategic and technical leadership, serve as a mentor to a team of offensive security personnel, and craft policies governing offensive security practices.

Requirements

• 12+ years of professional experience in technical fields directly relevant to offensive security, including software development, static code analysis, penetration testing, exploit development, threat hunting, and incident response
• Demonstrated subject matter expertise in multiple core offensive security service offerings, including a deep understanding of architecture requirements for Red Team exercises, Endpoint Detection and Response evasion methodologies, and Advanced Persistent Threat emulation techniques
• Hands-on experience and deep understanding of tools and techniques for conducting network, wireless, and web application penetration testing
• Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
• Knowledge of best practices for application, database, and web server design and implementation
• Knowledge of open security testing standards and projects, including OWASP & MITRE ATT&CK
• Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, Ruby, Bash, C/C++, C#, or Java
• Extensive experience managing a team of consultants in the execution of a variety of penetration testing requirements
• Exceptional communication and interpersonal skills, with the ability to serve as a front-facing representative of Palo Alto Networks, building and maintaining strong relationships with clients and stakeholders
• Proven ability to draft thorough, articulate reports that convey technically complex material to an executive-level audience, ensuring clear understanding and informed decision-making
• Experience scoping new opportunities with prospective clients, including drafting statements of work and proposals
• Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience to meet job requirements and expectations, or equivalent military experience required

Responsibilities

• Provide a direct positive influence on the security posture of the world's most prestigious organizations by leading Unit 42's elite group of cybersecurity professionals in a variety of assessments for our top-tier clientele
• Orchestrate and manage a dynamic schedule for a large team of elite offensive security specialists, ensuring optimal alignment of skill sets to meet client needs and maximize usage of available billable hours
• Serve as a mentor to a team of offensive security personnel, maximizing professional development by providing ad hoc technical guidance and aligning employees with appropriate industry-standard training courses
• Craft policies governing offensive security practices which reflect cutting-edge capabilities of advanced persistent threat actors and enforce security best practices that ensure the safety of our client's environments
• Fulfill a customer-facing case leadership role for multiple concurrent events, guiding a technically diverse team of personnel through the complex challenges posed by some of the world's largest networks
• Ensure high quality engagement outcomes and deliverables by providing quality assurance and technical oversight during engagements
• Provide hands-on support for highly complex offensive security operations, utilizing cutting-edge techniques in technically challenging environments
• Provide front-line support to the sales team by meeting with clients to clearly articulate various penetration approaches and methodologies to both technical and executive audiences - Transform customer requirements into executable statements of work, including a work breakdown structure with accurate estimates of billable hours for each discrete phase of testing
• Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
• Assist in the development of security standards and best practices for the organization and recommend security enhancements as needed
• Assist with the development and maturity of both new and existing Unit 42 offensive security offerings

Benefits

• Health insurance
• Retirement benefits
• Paid time off
• Remote work, flexible hours