Cyber Red Team Engineer (Specialist)

As a Cyber Red Team Engineer (Specialist), you will be in an individual contributor role responsible for supporting a global program by emulating real-world threats using threat actor tactics, techniques, and procedures with the goals of training and measuring the effectiveness of people, processes, and technology used to defend an environment. This position requires the ability to manage multiple complex engagements simultaneously.

As part of the Global Security organization, within Cyber Operations, the Red Team Operator will need to develop strong relationships within Security and with Technology globally in order to successfully execute the Red Team mission.

What you will do:

• Plan and execute complex Red & Purple Team events, penetration tests, and social engineering assessments

• Participate in the design, implementation, and testing of Equifax security controls and sensors

• Work directly with other Cybersecurity groups, including Threat Intelligence, to research, analyze, and investigate emerging threats

• Develop an integrated training and simulation program to test and exercise Cybersecurity detection, response, and investigation capabilities

• Develop strong relationships within Security and with IT leaders in responsible business units

• Provide detailed reporting and accountability to Management, Audit, and other internal stakeholders to ensure identified risks are captured, prioritized, and addressed

• Provide Audit and external client support as necessary

• Plan, coordinate, and manage third-party, threat-based assessments

What Experience You Need

• Required bachelor's degree in Computer Science, Information Technology, Cyber Security and Information Assurance or related field

• Minimum of 7 years of experience performing in Cyber Security related roles

• Minimum of 2 years experience with command and control frameworks such as Cobalt Strike and Sliver.

• Experience implementing command and control framework customizations.

• Understanding of MITRE ATT&CK framework.

• Has worked at least 1 year in Cloud based platform environments (Preferably Google or AWS).

• Understands *NIX and Windows operating system functionality.

• Experience working with basic networking fundamentals, e.g., IP, TCP, UDP

• Additional programming language experience or at least familiarity that could include Go, Python, Ruby, etc.

• Will be an enthusiast, "all things Cyber", who attends trainings, conferences, home labs, etc

What could set you apart

• Industry certifications: Certified Ethical Hacker (CEH) certification, GPEN (GIAC Penetration Tester), OSWE (Offensive Security Web Expert), Certified Red Team Operator, or Offensive Security Certified Professional (OSCP) preferred.

• Portfolio of software development projects, research, or documentation of implementing lab environments relating to information security

• Experience automating cloud technologies via API call

To adhere to our corporate location policies, this resource will be required to be local to the surrounding Atlanta, GA / St. Louis, MO and/or Reston, VA areas (or will be relocating). You are required to adhere to our Return To Office (RTO) / weekly onsite requirements (Tuesday, Wednesday, and Thursday). This individual can sit in one of the three locations mentioned.

#LI-Hybrid

#LI-JC2