Cyber Threat Management - Senior Cyber Security Research Consultant

About this role:

Our cyber threat managements group is looking for a strong cyber security professional to join our Cyber Threat Management Organization. This role will involve the operation of the Safebreach Breach and Attack Simulation platform and in-house developed tools to create sustained repeatable tests within the bank environment using a variety of scripting languages and techniques. The position involves collaborating with other members of the research team to turn proof-of-concept code and ideas into stable, automated tools and tests that can be integrated into the attack simulation environment. Management and support of Red Team Lab Infrastructure both on premises and off, to include server deployment, DNS management. This position will also play a role in taking in-house developed tools and operationalizing them for the benefit of the bank. This team member must be able to utilize complex hacking tools, create proof of concept exploits, and document attack chains so they can be re-created and defensive tactics developed for them. This position will reside within the Cyber Threat Management organization and works closely with our defense partners in a purple team capacity.

In this role, you will:

• Provide support to Red Team Operations
• Identify and pursue automation opportunities
• Collect and present data from automated testing
• Share the knowledge you learn through presentation opportunities
• Be an evangelist for automated testing capabilities
• Assist in the development of custom offensive security tools
• Participate in the planning and architecture of automated testing resources

• 4+ years of Cyber Security Research experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 2+ years of information security experience in converged testing (red teaming) demonstrated through work or military experience
• 2+ years of experience in one or a combination of the following: creating proof of concepts, creating exploits, or reverse engineering demonstrated through work or military experience
• 2+ years of automated information security penetration tools experience
• 2+ years of experience with Linux operating system engineering or automation
• 2+ years of experience with scripting languages such as Bash, PowerShell, Python, Shell, VBScript, or JavaScript

• Advanced Information Security technical skills
• Proficient in working with systems, networks, and application vulnerability testing - auto populated
• Ability to manage complex security scenarios and develop innovative solutions to address the most recent cyber threats
• Security engineering experience that includes knowledge and understanding of recent research and industrial advances in one or more of the following areas: computer and communication networks, cyber security threat detection, cyber security experimentation and testing, innovative research in cyber security, physical security controls and their weaknesses, debugging, hardware and device hacking, or electronics security
• Experience working in a large enterprise environment
• Strong analytical skills with high attention to detail and accuracy
• Knowledge and understanding of system/application architecture and design concepts
• Experience with Continuous Breach and Attack Simulation Tools (Safebreach, Cymulate, Google MSV, etc.)

• This position offers a hybrid work schedule
• This position is not eligible for Visa sponsorship
• Remote workers will be considered

• $100,000 - $163,000 - NC, AZ, TX, OH, IA
• $110,000 - $179,000 - MN, PA
• $120,000 - $196,000 - NJ, VA, CA
• Remote ranges based on locations

• Health benefits
• 401(k) Plan
• Paid time off
• Disability benefits
• Life insurance, critical illness insurance, and accident insurance
• Parental leave
• Critical caregiving leave
• Discounts and savings
• Commuter benefits
• Tuition reimbursement
• Scholarships for dependent children
• Adoption reimbursement