Offensive Security Engineer
Offensive Security Engineer
EMBARK ON THE JOURNEY
We invite you to further your professional journey with Entara as a member of our Cyber Security Team. As a top-tier provider of technical service delivery, Entara maintains partnerships that require our team to work collaboratively across our organization to design and provide a secure foundation for our offerings. Our investment in our security operations is continuing to grow as we recognize the demand for an expert information operations team in order to protect both our clients and ourselves in the face of ever increasing complex threats and non-automatable security events As part of this team, you will contribute to the offensive operations, tactics, and vulnerability identification that enables Entara’s clients to proactively address threats before they’re realized.
WHAT YOU’RE ACCOUNTABLE FOR
- Drive offensive operations at scale and grow the value we deliver to our security team and leaders
- Identify vulnerabilities that can be used as a part of operational objectives and improve our adversary emulation accuracy
- Document the different phases of the kill chain for later root-cause analysis
- Develop and maintain tools for offensive engagements
- Manage workflow and coordinate with senior leadership
WHAT YOU’LL BE DOING
Our Offensive Security Engineer will own penetration testing and offensive security assessments for Entara and our clients within various environments such as Azure, Active Directory, AWS, Windows, and other applications. Our Offensive Security Engineer will report directly to the CISO as a member of our Cyber Security Team.
- Develop reporting inclusive of mitigations strategies based on team results for both management and technical audiences.
- Perform internal and external penetration assessments of operating systems, applications, databases, and network infrastructure components to detect and enumerate threats
- Develop and improve an information security program and information security resources
WHO YOU ARE: REQUIRED SKILLS AND EXPERIENCE
- 3+ year’s experience in Red Team penetration testing
- Advanced experience with Security Assessment Toolsets (Metasploit, NMAP, Cobalt Strike, Nessus, Burp Suite, PingCastle, etc.)
- Comprehensive understanding of security methodologies, technologies, and best practices
- Experience with Windows, Linux, UNIX, and Mac operating systems
- Advanced experience in automation and scripting of applications and systems
- Knowledge about CVE, Bug Bounty, and responsible disclosures
- Scripting language proficiency (ex. Python, Bash, PowerShell)
- Any information security certifications area plus i.e. GPEN, GWAPT, GCPN, and OSWE
- Ability to self-motivate when given strategic goals
- Excellent verbal and written communication skills
- Desire to contribute to a team culture that fosters & lives by our core values:
- Empathy: I put team and client before self.
- Excellence: I find inner joy in producing excellence.
- Execution: I value execution over intention in myself & others.
- Evolution: I am future-fascinated. Improvement is a lifelong quest.
WHAT YOU GET IN RETURN
As an employee at Entara, you will have a direct impact on our operations, our clients, and your fellow EntaraCorps members. Because of that impact, you get our respect and gratitude for the role you play in making Entara the best it can be. We consider mentoring and participating in the continual learning of others to be absolutely essential for both you and your co-workers.
To reflect our commitment to our employees, we offer unlimited PTO, work location flexibility, 100% remote work, 401k matching, employee outings (virtual and in person), reimbursement for seminars, conferences, and certifications, and 100% employee premium coverage for medical, dental, life, and disability insurance….and that’s just the tip of the iceberg.