hero
51
companies
1,340
Jobs

Offensive Security Engineer

monday.com

monday.com

Other Engineering
Tel Aviv-Yafo, Israel
Posted on Monday, June 10, 2024

Offensive Security Engineer

  • Security
  • Tel-Aviv, Israel

Description

We are seeking an exceptional team member who is deeply committed to offensive security practices to join our dynamic team, which is focused on constant and never-ending improvement.

About The Role

  • Collaborate in the strategic planning, design, and execution of Red Team and Purple Team initiatives.
  • Conduct comprehensive red team assessments to identify and exploit security weaknesses within the organization's infrastructure, applications, and networks.
  • Execute comprehensive Adversarial Simulation / Red Team assessments.
  • Document findings meticulously and deliver detailed reports to stakeholders, along with actionable recommendations for remediation.
  • Evaluate vendor solutions and recommend security products accordingly.
  • Evaluate domain-specific tools to meet business needs, outlining associated estimates, documenting assumptions, and ensuring alignment with relevant roadmaps.
  • On call availability
  • Collaborate closely with blue team members to enhance defensive capabilities and improve incident response procedures.
  • Experienced pentester proficient in assessing security vulnerabilities & misconfigurations within SaaS environments, with a focus on cloud-based infrastructure
  • Develop and execute sophisticated attack scenarios to simulate real-world cyber threats and assess the effectiveness of existing security controls.
  • Research emerging threats and vulnerabilities to stay ahead of evolving attack techniques and trends.

Requirements

  • Demonstrable adversarial mindset and adept critical thinking skills.
  • Minimum of 3 years of hands-on experience in conducting red team operations.
  • Proficiency with a range of testing tools such as Metasploit framework, MitM Proxy, CrackMapExec,Qualys, Nessus, Burp Suite, Tanium, Wireshark, TCPdump, etc.
  • Competence in securing, administering,
  • Proficiency in scripting and modifying existing code using languages like Perl, Python, Ruby, bash, C/C++, C#, or Java.
  • Familiarity with open security testing standards and projects such as OWASP or the MITRE ATT&CK Framework.
  • Understanding of adversarial Tactics, Techniques, and Procedures (TTPs).
  • Experience in evaluating and testing cloud environments, particularly AWS, GCP, and Azure.
  • Deep understanding of Identity and access management concepts.
  • Excellent written and verbal communication skills, with experience in diverse and global environments.
  • Thorough understanding of security methodologies, technologies, and best practices.

Advantageous:

  • Active participation in the security community through avenues like conference speaking or tool development contributions.
  • Bachelor’s or Master’s degree in computer science, information systems, or a related field.
  • Certifications in penetration testing such as OSCP/E, OSEP, GPEN, CEH, etc.
  • Proficiency in programming languages like Python, PHP, PowerShell, Java, Ruby, or others.

#LI-DNI