Offensive Security Senior Consultant

The Offensive Security Senior Consultant position will be part of our Advisory practice on the Technical Assessments team. Our style of consulting is dynamic, innovative, fast-paced, and highly rewarding for both our clients and our team. This is an outstanding opportunity to work with a wide variety of tool sets and across various well-known client organizations.

Essential Functions

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Red Teams: adaptive, flag-based red team engagements designed to demonstrate the impact of a dedicated, persistent attacker
• Purple Teams: the “open-book” approach to penetration testing, working side-by-side with our internal and client blue teams to strengthen defense against real attackers.
• Web and Mobile Assessments: dynamic web and mobile application security testing.
• Penetration Testing: assess internal and external networks for common and custom security
  flaws that can lead to widespread access to sensitive systems and data.
• Tactical Assessments: social engineering, spear phishing, physical break-ins, product security assessments, industrial control systems, architecture reviews.
• Documentation: document evidence of work in reports and status updates.
• Research and Innovation: use knowledge gained to conduct research initiatives with the purpose of improving our services and giving back to the community.
• Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.

Requirements

• Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed.
• Demonstrable aptitude for technical writing, including assessment reports, presentations, and operating procedures.
• Experience communicating with clients and independently managing client projects.
• Knowledge of Windows and *NIX-based operating systems.
• Knowledge of networking fundamentals and common attacks/defenses.
• Experience managing multiple projects at once.
• Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.
• Strong written/verbal communication and interpersonal skills.
• Excellent technical skills, impeccable soft skills, and organization skills.
• Strong written and verbal communication skills to effectively communicate successes and obstacles with team members and leads, as well as client stakeholders.

Travel

• Willingness to travel 30% depending on assignments and specializations (note that this applies during non-pandemic times, as required by clients).
• Willingness to travel internationally and domestically on a more frequent basis.

Benefits

Work with Experts: Robust internal training program, plus Company-paid external training. SRA recognizes the value of professional development for employees. Therefore, we encourage our employees to pursue continuing education and role-specific training. Every SRA employee is eligible to attend one training per year paid for by SRA. 

Corps Training Program: Our SRA Corps training program is a six-week experience for May new hires that begins with one week of orientation at our Philadelphia headquarters. Whether new hires are interns, co-ops, or full-time consultants, SRA Corps members meet our founders, learn our values, and experience a day in the life of a cybersecurity consultant. Following orientation, Corps members return to their home office and participate in trainings such as Consulting 101, Enterprise Networks, Cloud Security and more. Our leaders provide hands-on offensive, defensive, and frameworks boot camps. 

Mental Health Services: SRA has partnered with BetterHelp to provide SRA employees with free mental health support. BetterHelp connects individuals with licensed therapists for chat, video, and phone sessions. 

Medical / Dental / Other (regular full-time employees only) 

• Generous medical, dental, and vision benefits at different price points. 
• Company-paid disability and life insurance. 
• Company 401(k) plan including annual 3% safe harbor contribution. 
• Free patient advocacy service that helps find care providers and resolve insurance queries. 
• Free on-site wellness programming covering both emotional and physical wellness. 
• Generous parental leave, sick leave, and vacation policies. 
• Option to work remotely or with a flexible schedule when needed. 
• Company-paid cell phone with discounted accessories. 
• 1-2-3 Give Program: 1. SRA will give $1,000 to a charity of your choice. 2. If you give an additional amount (up to $1,000), then 3. SRA will match that amount up to $1,000. 

(Subject to change) 

Security Risk Advisors is an Equal Opportunity Employer and prohibits discrimination or harassment of any kind. All employment decisions at SRA are based on business needs, job requirements, and individual qualifications, without regard to race, color, sex, sexual orientation, gender identity or expression, age, religion, national origin, disability, marital or family status, veteran status, medical condition, or any similar category protected under federal, state, or local laws.    

SRA values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, and veterans to apply.