Penetration Tester/Purple Team Tester
Colorado Springs, CO
Applications have closed
Dark Wolf Solutions
Dark Wolf Solutions operates at the nexus of mission and technology to meet our Nation's most challenging missions.

Dark Wolf Solutions is looking for a Purple Team Tester who will plan and perform continuous cross-domain assessments to identify security gaps, detect malicious activities, and develop SIEM detection queries to validate offensive testing methods. The candidate must display familiarity with cloud-based Windows and Linux operating systems and environments, be able to mature SIEM detection methods, and have familiarity with Kubernetes. They will have a well-rounded understanding of endpoint/network defenses and detection methodologies, forensics, or incident response. They will also have some offensive security knowledge that allows them to think like an adversary. The role regularly collaborates with multiple teams to resolve security gaps, collects metrics, and presents reports to leadership on current security posture. It also involves travel to client sites on a semi-regular basis to conduct onsite assessments and tests.
Required Qualifications:
- 5+ years’ experience in three or more specific areas, to include: networking security, penetration testing tools, red teaming, vulnerability assessment tools, SIEM threat detection, etc.
- Proficiency with cloud technology and deployments: Amazon Web Services, Microsoft Azure, and familiarity with container technologies to include container orchestration (Kubernetes) and microservices.
- The team member will need to have experience in conducting research and identifying methods to detect emerging cyber threats, attack methods, and evolving Tactics, Techniques, and Procedures (TTPs).
- Understanding of the organizational threat model in order to effectively design, develop, and execute internal purple team exercises that align to the MITRE ATT&CK framework and incorporate TTP libraries of our key adversaries and detection methods
- Ability to document purple team assessment processes, results, and remediation efforts in order to provide status updates to internal and external customers
- Partner with other Security and Engineering pillars in the ongoing cATO (continuous authority to operate) process of more secure development and operational practices.
- Proficiency with commercial and open-source security assessment tools to address identified security gaps based off exercise results
- Demonstrated strong written and verbal communication skills
- BS (or equivalent) in Cyber security, Information Security, IT, EE, Network Engineering, Computer Science, or related field
- DoD 8570 IAT 3 Compliant (CISSP, CASP, etc.)
- Active TS/SCI security clearance required
Desired Qualifications:
- Desired security certification: examples include OSCP, CEH, CISSP, CKS, GCIH, GPEN, etc.
- Familiarity with Wireshark, Fiddler, EnCase, Sleuthkit and similar tools
- Experience employing advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis
- Law Enforcement/Cyber Forensics experience
- Experience in performing post-incident computer forensics without destruction of critical data.
- Experience in Malware Analysis and Reverse Engineering.
- Experience with DevSecOps, Helm, GitLab, and K8s
- Desired experience ensuring quality assurance and the spreading of best practices
- Experience with operational communications
- MS degree in technical field
We are proud to be an EEO/AA employer: Minorities/Women/Veterans/Disabled and other protected categories.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.