Principal Red Team Engineer

Resideo Technologies, Inc. Austin , TX 78719

Posted 3 months ago

Resideo is seeking a highly motivated and skilled Principal Red Team Engineer with a strong technical experience with web application and network penetration testing & vulnerability management.

The ideal candidate should be self-motivated and strong in execution of tasks assigned. The individual should be inquisitive in nature, challenging the norm to identify vulnerabilities and threats. This is an amazing opportunity to grow with a company that is backed by dynamic leadership.

Job Responsibilities:

Responsible for conducting vulnerability assessments, penetration tests, web application testing, and social engineering campaigns. The successful candidate will identify, evaluate, and provide remediation guidance for potential weaknesses in company systems and processes. It is critical that the candidate be able to rapidly learn new technologies and processes with minimal assistance.

Core Role Functions:

  • Lead security technical testing against company applications and network assets.

  • Communicate findings, attack paths, and recommendations to technical and non-technical stakeholders through written reports and verbal presentations. Must demonstrate effective English writing skills.

  • Develop scripts, tools, techniques, and methodologies to improve the overall ability to deliver high-quality outcomes.

  • Provide technical expertise and guidance in developing and supporting business applications to ensure they are deployed securely.

  • Employ advanced internal network, wireless networks, mobile applications, thick-client applications, embedded applications, or hardware penetration testing techniques.

  • Act as a company's primary technical contact for vulnerability analysis.

  • Contribute to team's Tactics, Techniques, and Procedures (TTPs) knowledge base.

  • Demonstrate an understanding of penetration testing techniques and methodologies.

  • Develop/customize payloads specific to the environment, software version, or for evasion of defensive technologies.

  • Other duties as assigned.

Required Skills:

  • Bachelor's degree highly preferred

  • Strong expertise in at least two of the following areas:

  • Network penetration testing

  • Web application (web, mobile, etc.) penetration testing

  • Mobile application penetration testing

  • Social engineering (e-mail phishing, phone, physical, etc.)

  • 6+ years of penetration testing experience.

  • 4+ years of system admin, network admin, web application development, or programming experience.

  • Strong understanding of networks, firewalls, protocols, routing, web application stacks, and security technologies.

  • Working knowledge of common IT and security concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques, cyber incident response, malware analysis, computer forensics and the tools that support these processes.

Preferred Technical & Professional Experience:

  • OSCP, OSCE, GWAPT, GPEN or other technical certifications

  • Experience in reverse engineering software or hardware

  • Programming experience in one or more of the following: Java, .Net, PowerShell, Python, or Ruby

  • Experience with AWS and other cloud services platforms

  • Experience editing documents for grammar, clarity, and technical accuracy


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Security Engineer II Red Team

Amazon.Com, Inc.

Posted 3 days ago

VIEW JOBS 8/21/2019 12:00:00 AM 2019-11-19T00:00 Amazon's Offensive Security Team is seeking Red Teamers to help keep Amazon secure and safe from attackers. Our team in Austin is growing, and we want you to join us! This role has a broad scope, ranging from attacking Amazon's services, infrastructure and processes, discovering weaknesses in Amazon's digital and physical systems, and working with various Blue teams and service owners to sharpers our detective and preventative capabilities. This role presents an ultimate test of ones security knowledge and ability, along with the support of a team of highly skilled individuals. This position will provide you with challenging opportunities, both technologically and as a leader, but will also be a great deal of fun if hacking Amazon sounds exciting to you. A Security Engineer at Amazon is expected to be strong in multiple domains. Engineers in this role work closely with teams throughout Information Security, such as the Threat Intelligence and Application Security teams, as well as provide technical leadership and advice to teams and leaders throughout Amazon. You will be in direct contact with numerous teams in a variety of business verticals, giving you first hand knowledge about how Amazon is built and how it operates at a deep, technical level. Additionally, you will leverage the knowledge you gain about Amazon to find new ways to break software and processes throughout the company. Engineers in this role must show exemplary judgment in making technical trade-offs between short-term fixes and long-term security and business goals. They must also demonstrate resilience and navigate difficult situations with composure and tact. Individuals in this role will be expected to provide thought leadership for the organization as you discover, invent and innovate throughout the course of their duties. Above all else, a strong sense of customer obsession is necessary to focus on the ultimate goal of keeping Amazon and its customers secure. Responsibilities: * Participate in Red Team engagements throughout Amazon with few limits and restrictions. * Conduct full cycle engagements with business units independently, or as part of a team. * Perform manual examination of client systems, web sites and networks to discover weaknesses. * Thoroughly document exploit chain/proof of concept scenarios for client consumption. * Communicate findings and discoveries to influence SVPs, VPs, Directors, and Domain Managers to prioritize and execute remediation plans. Amazon.Com, Inc. Austin TX

Principal Red Team Engineer

Resideo Technologies, Inc.