We’re looking for teammates that are driven to serve, make a difference and challenge themselves each day. We appreciate diverse backgrounds because we value flexible thinking in the face of threats.
Job Title: Senior Offensive Security Consultant (Senior Red Team Operator)
Job Location: USA or Guadalajara, Mexico
Travel: Up to 30% travel post-pandemic
Echelon Risk + Cyber is seeking an experienced Senior Offensive Security Consultant to join our team in Guadalajara. Your roles and responsibilities will include the execution of client assessments and audits ranging from a common penetration test to an advanced adversarial emulation exercise. Additional to our client-facing activities you will be expected to be engaged and contribute to research and development projects into new attack tactics, techniques, and procedures (TTPs). Our Offensive security team values teamwork and cohesion and operates under a “can you do the job, will you do the job, and will you fit in” model. We believe passion in security is paramount and those who strive to improve their knowledge in this field will grow quickly in our practice. Work will be performed in a consultative manner with clients of various industries, sizes, and makeup.
The ideal candidate will be an authentic, articulate, and humble leader who is unafraid to roll up their sleeves and dive deep into the unknown, using their security expertise to uncover problems within client environments and identify opportunities to increase the overall capabilities of the Echelon Risk + Cyber practice and our clients.
Our successful candidate will have the opportunity to engage with systems that are at the cutting edge of technology and scale.
What You Will Do
Conduct and/or assist in the execution of security assessments and audits including penetration testing (internal, external, web, wireless, physical), adversarial emulation exercises (red teams), social engineering exercises, and other offensive security-related exercises to improve a client’s overall security posture
Build and maintain technical knowledge of adversarial activity to emulate similar TTPs during security assessments
Use resourceful thinking to identify and exploit security vulnerabilities usually missed by automated tools
Contribute detail-oriented documentation on findings, observations, remediation steps, and/or mitigation recommendations in the form of Word and/or PowerPoint reports.
Find ways to improve your tradecraft and knowledge in the adversarial simulation space
Assist in developing a team to support client engagements and the firm mission, vision, and values
Produce thought leadership for the organization’s website blog on a regular basis
Actively be involved in the cybersecurity community, speak at local and national conferences
University degree in a relevant IT or Cyber Security field
3-5 years of relevant experience in an IT security role
Strong problem-solving skills and attention to detail in the technical space
Experience working with automated vulnerability scanning tools
Strong knowledge of Linux (Debian preferred) and Windows operating systems.
Skilled in relevant programming/scripting languages (Python, Bash, PowerShell, C, C#, C++, Java, Perl)
Considers communication style based on audience - ability to communicate highly technical findings to a non-technical audience clearly
Strong attention to detail and superior analytical, technical, and problem-solving skills
Comfortable learning and growing in a fast-paced, start-up environment
Ability to effectively communicate with a remote work team
Proficiency in English, both verbal and written
Only resumes submitted in English will be considered
A relevant Offensive Security Certification: OSCP, OSEP, OSWE, OSCE, CRTP, CRTE, PACES, GPEN, GWAPT, GXPN Knowledge of cybersecurity frameworks
Active engagement in a Penetration Testing training environment like HTB or Pentester Academy
HTB account with the active rank of “hacker”
Echelon Risk + Cyber fosters both personal and professional growth. We offer a competitive salary set according to your experience. We provide major health and life insurance plans with the option to enroll in our competitive medical check-up and car insurance policies. Echelon Risk + Cyber has additional generous benefit offerings including employer contributions to savings fund, flexible time off, remote work opportunities, and an extended maternity/paternity leave. We value diversity, inclusivity, and supporting our employees so they can enjoy all aspects of life.
The above statements are intended to describe the general nature and level of work being performed by people assigned to the job. They are not intended to be an all-encompassing list of all responsibilities, duties, and skills required of personnel so classified. Reasonable accommodations to essential functions of the job will be made if necessary.