Heed the Call:
Senior Offensive Security Consultant (Senior Red Team Operator)

Echelon cybersecurity job

Back to Careers Page

We’re look­ing for team­mates that are dri­ven to serve, make a dif­fer­ence and chal­lenge them­selves each day. We appre­ci­ate diverse back­grounds because we val­ue flex­i­ble think­ing in the face of threats.

The Basics

Seniority Level: Mid-level

Job Functions: Information Technology

Job Location: Remote or potential relocation opportunities

Travel: Up to 30% travel post-pandemic

To apply, Contact Us

Overview: Echelon Risk + Cyber is seeking an experienced Senior Offensive Security Consultant to join our team. Your roles and responsibilities will include the execution of client offensive security-focused assessments and audits ranging from a common penetration test to advanced adversarial emulation exercises. Additional to our client-facing activities, you will be expected to be engaged and contribute to research and development projects into new attack tactics, techniques, and procedures (TTPs). We believe passionately that security is paramount, and those who strive to improve their knowledge in this field will grow quickly in our practice. Work will be performed in a consultative manner with clients of various industries, sizes, and makeup.

The ideal candidate will be an authentic, articulate, and humble leader who is unafraid to roll up their sleeves and dive deep into the unknown, using their security expertise to uncover problems within client environments and identify opportunities to increase the overall capabilities of the Echelon Risk + Cyber practice and our clients.

What You Will Do (Responsibilities):

  • Be a technical leader while executing security assessments and audits, including penetration testing (internal, external, web, wireless, physical), adversarial emulation exercises (red teams), social engineering exercises, and other offensive security-related exercises to improve a client’s overall security posture.
  • Build and maintain technical knowledge of adversarial activity to emulate similar TTPs during security assessments.
  • Use resourceful thinking to identify and exploit security vulnerabilities usually missed by automated tools
  • Contribute detail-oriented documentation on findings, observations, remediation steps, and/or mitigation recommendations in the form of Word and/or PowerPoint reports.
  • Find ways to improve your tradecraft and knowledge in the adversarial simulation space
  • Assist in developing a team to support client engagements and the firm mission, vision, and values
  • Conduct research and develop offensive security tools and exploits based on current and emerging TTPs
  • Produce thought leadership for the organization’s website blog on a regular basis
  • Actively be involved in the cybersecurity community, speak at local and national conferences


Requirements:

  • 3-5 years of offensive cybersecurity experience or 2-4 years’ experience in an offensive cyber operations (OCO) role authorized under US Title 10 or Title 50
  • Demonstrated ability to lead and perform Offensive Security engagements with little to no guidance
  • One of the following certifications OSCP, OSEP, OSWE, OSCE, CRTP, CRTO, CRTE, PACES, GPEN, GWAPT, GXPN, eCPTX,
  • Competency in penetration testing technical abilities and capabilities, including preferred practice models PTES, PCI-DSS, etc.
  • Ability to mentor, train, and develop others in a team environment, including a remote environment setting
  • Considers communication style based on audience- ability to communicate highly technical findings to a non-technical audience clearly
  • Strong attention to detail and superior analytical, technical, and problem-solving skills
  • Demonstrated experience collaborating with senior business leaders in support of security strategy- influencing and interpersonal skills
  • Ability to multitask, prioritize and lead teams in constantly evolving environments
  • Proven track record of solving complex and unique problems with no clear solution by use of expertise and unique knowledge
  • Authorized to work in the United States

Bonus Qualifications:

  • A Degree in a relevant IT or Cybersecurity major
  • Active engagement in a penetration testing framework
  • HTB account with an active rank of “hacker” or above, or similar training platform rank/skill
  • Consulting experience

Echelon Risk + Cyber fosters both personal and professional growth. We offer a competitive salary set according to your experience. We provide major health and life insurance plans with the option to enroll in our competitive medical check-ups and car insurance policies. Echelon Risk + Cyber has additional generous benefit offerings, including employer contributions to a savings fund, flexible time off, remote work opportunities, and an extended maternity/paternity leave. We value diversity, inclusivity, and supporting our employees so they can enjoy all aspects of life.

The above statements are intended to describe the general nature and level of work being performed by people assigned to the job. They are not intended to be an all-encompassing list of all responsibilities, duties, and skills required of personnel so classified. Reasonable accommodations to essential functions of the job will be made if necessary.

To apply, Contact Us

Are you ready to get started?
Latest Intelligence