Conduct highly complex offensive security operations testing consistent with known adversary tactics techniques and procedures and contribute to the development of objectives and approaches taken to remediate risk
Document security issues and impacts identified through offensive operations in a clear and concise manner to facilitate reporting to impacted stakeholders
Provide guidance and recommendations to stakeholders responsible for security remediation actions to close identified gaps and remediation validation testing
Consult with defensive operations teams on adversary tactics to guide and mature cyber defensive countermeasures
Independently handle complex issues with minimal supervision, while escalating only the most complex issues to appropriate staff
Qualifications
Proficiency with leading commercial and open-source automated reconnaissance and penetration testing tools and services
Ability to perform targeted penetration tests without use of automated tools
Client-side code execution
Intimately familiar with networking fundamentals (all OSI layers)
Understanding of application design principals
Knowledge of web application exploitation methodologies
Ability to independently research new vulnerabilities in software products
Familiar with fundamentals of software exploitation on modern operating systems
Current knowledge of common threats as they relate to specific industries
Ability to read and interpret common programming languages
Excellent written skills, articulating highly technical topics to a wide range of audiences
Effective organizational and inter-personal skills communicating with clients