Sr. Offensive Security Engineer: SATCOM
Oceanside, California, United States
A2e Technologies
A2e Technologies - Electronic Design Services / Electrical Engineering Company. From concept to production.A2e Technologies Currently Assisting A Client Seeking:
Title: Senior Offensive Security Engineer
Location: Oceanside, CA
Remote/Onsite: Onsite/Remote 1-2 days per week
Term: F/T Perm
Start Date: ASAP
Required: Active Security Clearance (or within 5 years)
Responsibilities
Threat Intelligence Research:
- Lead the team analyzing cybersecurity attacks including
- RF against Software Defined Radios
- trends, and
- methodologies using unclassified/classified Threat Intelligence.
- This includes working with
- government/academic/commercial researchers and institutions,
- operational technology research labs,
- commercial companies and
- public and private cybersecurity information sharing groups (e.g., ISACs) to
- Research and investigate in more detail vulnerabilities including zero days and techniques that could impact critical national infrastructure, defense, and Client networks.
- Collaborate with a cross-functional team of the engineering,
- data science,
- product management,
- product marketing, and
- senior leadership to enhance the client’s detection and response capabilities.
Active and hands-on participation in Red Team Exercises and Penetration Testing:
- Employ simulated adversary threat-based approaches to expose and exploit vulnerabilities and weaknesses to improve the security of both client and customer products and networks.
- Replicate tactics and techniques used by modern attackers, common network exploitation and penetration techniques as well as common software exploitation techniques.
- Develop attack plans to meet the specified objectives and coordinate with other Red Team Operators to achieve these goals.
- Provide constructive feedback to the defenders and product teams on their successes and failures.
- Make automation and security assessment tool development and implementation recommendation that assist with Red Team exercises and Penetration Testing.
Requirements
- Engineering/Technical degree
- Advanced offensive security certifications (i.e., OSCP/OSEP)
- White box testing and exploitation analysis using source code analysis
- Black box testing and exploitation analysis using reverse engineering and protocol fuzzing
- Experience with reverse engineering products and/or software
- Experience with satellite communications systems/terminals
- Experience with Software Defined Radio tools such as GNURadio
- Experience with Operational Technology (OT) assessments
- Demonstrate proficiency in system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting,
- PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
- Proficiency in PowerShell, Python, C, C#, Go or other to build and extend toolsets
- Experience with network security test tools and scanners ranging from:
- nmap,
- Netsparker,
- Nessus, to
- Metasploit and
- Cobalt Strike
- Understanding of networking protocols with a preference for secure ones like:
- SSH,
- HTTPS,
- TLS,
- IpSec, and others
- Familiarity with Digital Signal Processing and/or RF telecommunications with a preference for experience with
- SATCOM using GNURadio,
- MatLab
- Understanding of security vulnerabilities and common software engineering flaws
- Infrastructure,
- product, and/or
- application-level penetration or
- Red Team testing experience Knowledge of attacker lifecycles and defender strategies
- A Subject Matter Expert for:
- Red Team/Penetration Testing activities,
- technologies, and
- tools
- Must have the ability to maintain an “Aggressive, Outsider Mindset” to “Think like an Attacker”
- Experience with Linux/embedded Linux/RTOS
Benefits
- Medical/Dental/Vision Coverage
- Paid Time Off
- Tuition Reimbursement
- 401k (Employer Match)
- Company Stock Program
- Employee Referral Program
- A2e Does NOT Accept Unsolicited Resumes or Referrals from any source other than the candidate, and, as a result, we will not be considering any unsolicited referrals or resumes sent to us as a fee -based candidate submittal.
- Any unsolicited resumes sent to A2e, including unsolicited resumes sent to a A2e mailing address, fax machine or email address, directly to A2e employees, or to A2e’s resume database will be considered A2e property.
- A2e will NOT pay a fee for any placement resulting from the receipt of an unsolicited resume.
- Agencies are hereby specifically directed NOT to contact A2e employees, A2e’s recruiting team, or other authorized A2e personnel, in an attempt to present candidates.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation Black box C Clearance Cobalt Strike Code analysis Exploit Linux Matlab Metasploit Nessus Network security Nmap Offensive security OSCP Pentesting PowerShell Python Red team Reverse engineering Scripting Security assessment Security Clearance SQL SSH Threat intelligence TLS Vulnerabilities White box XSS
Perks/benefits: 401(k) matching Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs