Offensive Security Engineer

Summary

Join Trace3 as an Offensive Security Engineer and perform offensive security campaigns for clients to enhance their ability to protect against and respond to cyber threats. You will uncover vulnerabilities through ethical hacking and penetration testing, working closely with team members to execute and report on sophisticated exercises. This role involves application and OS security assessments, providing recommendations for countermeasures, and building strong client relationships. The position requires a Bachelor's degree or equivalent experience, relevant certifications, and experience in penetration testing, application assessments, and scripting. You will be responsible for reporting findings, developing automation tools, and contributing to Trace3's security presence. The role offers competitive compensation, benefits, and a collaborative work environment.

Requirements

• Bachelor’s degree in Engineering in Computer Science or Information Technology or a related technical field; or equivalent related professional experience
• Through understanding of one or more Unix/Linux/Mac/Windows operating systems
• 2-3 years' experience in at least three of the following: Red Team penetration test tools such as Kali, ParrotOS, Bloodhound, MetaSploit, BurpSuite, OWASP Zap, etc
• Network penetration testing and manipulation of network infrastructure
• Mobile and/or web application assessments
• Shell scripting or automation of simple tasks using Perl, Python, Go, Powershell or Ruby
• Experience with at least one or more of the major cloud providers (AWS, Azure, and GCP)
• Strong knowledge of tools used for wireless, web application, and network security testing
• Strong knowledge of current web application structure and strong ability to test both modern and older web applications
• Motivated self-starter who loves to solve challenging problems and feels comfortable working directly with customers
• Excellent oral, written communication, and presentation skills with an ability to present client security sessions and security workshops to C-Level Executives and non-technical audience
• Highly organized, detail-oriented, excellent time management skills, and able to effectively prioritize tasks in a fast-paced, high-volume, and evolving work environment
• Ability to approach customer and sales requests with a proactive and consultative manner; listen and understand user requests and needs and effectively deliver
• Comfortable managing multiple and changing priorities, and meeting deadlines in an entrepreneurial environment
• Ability to travel when needed

Responsibilities

• Perform client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools
• Conduct periodic scans of networks to find and detect vulnerabilities
• Generate reports that clearly communicate testing and assessment details, results, and remediation recommendations to clients
• Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
• Conduct IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
• Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
• Maintain a firm grasp on the industry and anticipate trends and movements while balancing maturity and timing
• Contribute to Trace3’s presence and brand in the Security community

Preferred Qualifications

• OSCP, OSCE, eCPPT, eWPT, PNPT or other equivalent certification(s) is a huge plus
• Developing, extending, or modifying exploits, shellcode or exploit tools
• Developing applications or scripts in C#, ASP, .NET, ObjectiveC, Go, Java (J2EE), Python, or Ruby

Benefits

• Comprehensive medical, dental and vision plans for you and your dependents
• 401(k) Retirement Plan with Employer Match, 529 College Savings Plan, Health Savings Account, Life Insurance, and Long-Term Disability
• Competitive Compensation
• Training and development programs
• Stocked kitchen with snacks and beverages
• Collaborative and cool culture
• Work-life balance and generous paid time off