Principal Security Consultant, Cyber, Offensive

Presidio, Inc. Birmingham, AL 35202

Posted 2 months ago

COME BUILD YOUR FUTURE WITH PRESIDIO!

We know technology is the key to success in a connected world. The innovative solutions we provide our clients can unlock possibilities that transform their business. While technology permits that connection, technology without imagination and ingenuity cannot be effective. At Presidio, we know that it's our people that make the connections happen.

WHY YOU SHOULD JOIN US? You will set your career on track for outstanding achievement with a company that knows no limits. Presidio is a leading IT solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions.

THE ROLE: Principal Security Consultant

Presidio is seeking a Principal Security Consultant to join our team in a remote capacity! We seek an experienced Principal Security Consultant, Cyber to join Presidio's elite Cyber Security consulting services team. As part of our team, you will be directly involved in reviewing and assessing internal and external customers' security architectures, identifying risks, and making recommendations that are aligned to applicable regulatory requirements and consensus-based security best practices. This role offers continuous opportunities to challenge and expand your skills, and you will routinely collaborate with other high-caliber security professionals on the Cyber Security architecture team as well as those on other teams, such as our Offensive Security group and Information Security Governance group.

Key Responsibilities:

  • Lead large security engagements in concert with other Presidio teams.

  • Perform web application testing across various web application platforms.

  • Perform black-box, gray-box, and other variants of internal and external penetration testing.

  • Lead technically focused projects with assistance of Engagement Managers.

  • Perform assessment activities for external, internal, social engineering, wireless, etc. projects.

  • Provide clear and professional reporting of assessment results to clients.

  • Develop standards and methodologies within the Cyber Security Division.

  • Review key factors, including inherent risk, mitigating controls, business impact, likelihood, and other key elements to determine security risk.

  • Work with other Principal Security Consultants in a collaborative setting to support and assist on the execution and delivery of key services such as documentation review, and security consulting services.

  • Assist Delivery Practice Leads in cybersecurity administrative functions, such as documentation maintenance, documentation creation, peer review, and other cyber security

  • Ability to travel up to 25%.

Required Skills:

  • Working knowledge of common operating systems and domain structures (Windows, Linux, Active Directory, etc.), servers, services, and associated vulnerabilities.

  • Demonstrable experience with security tools such as Burp Suite, Postman, PowerSploit, BloodHound, Impacket, Sysinternals Suite, OS native, and C2 frameworks.

  • Deep knowledge of common vulnerabilities and exploits, adversarial methodologies, and tactics.

  • Ability to understand and communicate technical recommendations around mitigation and detections of discovered risks.

  • Working knowledge of the TCP/IP protocol suite, TCP/IP headers and packets, the OSI model, and commonly used TCP/UDP ports and associated services.

  • Working knowledge of routing protocols, switching, firewall configuration, and security best practices, etc.

  • Ability to manage multiple tasks and responsibilities, work alone or in small teams, achieve established goals and objectives, and communicate progress in a timely and meaningful manner.

  • Ability to travel on short notice.

  • Programming/scripting skills (Python, PowerShell, Bash, Golang, C#, JavaScript).

  • Experience with project deliverables from a VAR/Integrator experience.

  • Prior experience working closely with customers and collaborating with IT staff.

  • Working knowledge of cloud platforms such as AWS or Azure.

  • Security training focused around penetration testing, web applications testing, cloud security, or red teaming.

  • Current information security certifications such as OSCP, GPEN, GXPN, GCPN, GWAPT, or CRTO.

Additional Desired Skills:

  • Demonstrate ownership of projects and tasks, coupled with a sense of urgency in completing assigned activities.

  • Strong cross-functional team participant and collaborative approach to problem-solving.

  • Manage and guide engagement members to engagement completion.

  • Strong verbal and written communication skills, organizational skills, and attention to detail.

  • Strong presentation skills.

  • Ability to work collaboratively or independently as required by a given situation.

  • Ability to maintain composure and professionalism in an interrupt-driven environment.

  • Ability to manage multiple and changing priorities and tasks.

  • Ability to be flexible and embrace change.

  • Self-motivated and self-directed.

  • Self-starter with the ability to manage their own tasks into a larger project or program effort.

Education and Experience:

  • Bachelor's Degree or the equivalent work experience and/or military experience

  • 3-5 years of conducting penetration tests, web application assessments, or other high-level technical testing.

  • Knowledge of security frameworks such as MITRE ATT&CK, OWASP, and NIST.

ABOUT PRESIDIO

Presidio is committed to Diversity, Equity, and Inclusion at the highest levels and has strengthened its drive to build and advance a systemic DE&I change process across all levels of the organization, cultivating a culture of inclusion where the expression of all our differences is valued, celebrated, and adds to our collective achievements.

Presidio is a leading global IT solutions provider assisting clients in harnessing technology innovation and simplifying IT complexity to digitally transform their businesses and drive return on IT investment. Our Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions enable our almost 7,000 middle market, enterprise, and government clients to take advantage of new digital revenue streams, omnichannel customer experience models, and the rich data insights generated by those interactions.

We serve as an extension of our clients' IT teams, providing deep expertise and letting them focus on their core business. Within Presidio's 40+ US offices and offices in Ireland, London, Singapore, and India, we support 2,800+ professionals, including 1,600 technical engineers. Presidio is a trusted advisor to our clients on a national level while also bringing our global scale and expertise to bear.

For more information visit: www.presidio.com

Presidio is an Equal Opportunity / Affirmative Action Employer / VEVRAA Federal Contractor. All qualified candidates will receive consideration for this position regardless of race, color, creed, religion, national origin, age, sex, citizenship, ethnicity, veteran status, marital status, disability, sexual orientation, gender identification or any other characteristic protected by applicable federal, state and local statutes, regulations and ordinances.

To read more about discrimination protections under Federal Law, please visit: https://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf

If you have any difficulty using our online system and need an accommodation in the job application process due to a disability, please send an email to recruitment@presidio.com for assistance.

Presidio is a VEVRAA Federal Contractor requesting priority referrals of protected veterans for its openings. State Employment Services, please provide priority referrals to recruitment@presidio.com.

RECRUITMENT AGENCIES PLEASE NOTE:

Agencies/3rd Parties may not solicit to any employee of Presidio. Any candidate information received from any Agency/3rd Party will be considered a gift and property of Presidio, unless the Agency/3rd Party is an Authorized Vendor of Presidio with an up-to-date Presidio Contract in hand signed by Presidio Talent Acquisition. No payment will be made to any Agency/3rd Party who is not an Authorized Vendor, nor has specific approval in writing from Presidio Talent Acquisition to engage in recruitment efforts for Presidio.
