Remote Senior Red Team Operator

Summary

Join Figment, the world's leading provider of blockchain infrastructure, as a senior member of the Security Red Team to design and execute campaign-based security testing for Figment. The ideal candidate will have experience in cloud-based exploitation or security assessments, network penetration testing, API and web application assessments, scripting, and automation.

Requirements

• Bachelor's degree or four or more years of work experience
• Experience in cloud-based exploitation or security assessments
• Experience in network penetration testing and manipulation of network infrastructure
• Experience in API and web application assessments
• Experience in scripting and automation of simple tasks using Bash, Python, or similar
• Experience developing, extending, or modifying exploits, shellcode or exploit tools
• Experience with container orchestration management tools such as Docker and Kubernetes
• Experience with source code review for control flow and security flaws
• Experience with red, blue, or purple teaming exercises
• Strong knowledge of offensive security and pentesting tooling such as Kali Linux, Burp Suite, Mythic C2, and other open source tools
• Strong technical writing

Responsibilities

• Document processes, procedures, and workflows for red team operations
• Perform a full range of red team activities including network intrusion, cloud and development pipeline exploitation, web and application testing, source code reviews, threat analysis, and detection evasion techniques
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences
• Collaborate with seniors in the security team to enhance the red team strategy and improve the company's security posture
• Effectively communicate findings and strategies to stakeholders, including technical staff, executive leadership, and legal counsel
• Provide practical and risk-appropriate recommendations to address vulnerabilities
• Configure and safely use attacker tools, tactics, and procedures in Figment environments
• Enhance Figment's red teaming processes by developing and improving scripts, infrastructure, tools, and methodologies
• Offer recommendations and guidance to enhance the defensive capabilities of the team and its ability to defend the Figment Enterprise
• Provide mentoring and training to blue team members and actively participate in cross-team security exercises
• Provide technical expertise and support during incident response and assist in creating post-incident action plans

Benefits

• 100% remote-first environment
• 4 weeks of PTO that kick in day one, with an additional 1 week of flex days
• Extended company-paid health benefits that kick in day one
• Best in class parental leave and flexible arrangements
• A home office stipend to create a space that you enjoy working in
• Monthly Wifi reimbursement
• A yearly Learning & Development budget
• 401K (US) or RRSP match (Canada)
• Stock Options in the company