As part of the Red Team, the analyst will...
Execute controlled real world attacks against MSI live systems, products and facilities.
Challenge existing security controls and identify strategic business and operational risks to the company.
Routinely adopt the tools and techniques of actual adversaries, leveraging the latest attacks on other organizations, and mimic the work of adversaries to improve and train the Security Operations Center analysts.
Work with incident response and security engineers to tune detection mechanisms and improve current processes and controls.
Utilize techniques to successfully demonstrate a vulnerability compromise and how these attacks of deliberate disruption can cause financial loss or cause negative impact to Motorola Solutions and its customers
What we are looking for..
Broad knowledge of MS Windows, Unix-based and mid-range platform systems used to deliver commercial enterprise applications
Cloud computing knowledge
Technically proficient in penetration testing tools such as: Cobalt Strike, Innuendo, Metasploit, Empire, responder, impact suite, nmap, masscan, bloodhound, etc
Ability to think creatively and create custom tools and exploits
Have a software development background and/or proficiency with utility programming/scripting languages like Python, Ruby, Powershell, etc.
Excellent English language skills: oral and written communication.
Proficient in developing and presenting in written and oral form highly technical information presentations to non-technical audiences at all levels of the organization
Strong team player, must be able to work with others and contribute to help solve complex issues
Ability to work with a geographically dispersed team
Certifications: Any of the following are preferred but not required: OSCP, OSCE, GWAPT, GPEN, or GXPN.
Hands-on technical security red team experience is a huge plus
Experience with Cyber Kill chain and MITRE's Adversarial Tactics, Techniques, and Common Knowledge.
The ability to submit sample code or scripts previously written, or example exploits developed. (Exploit DB, etc.)