This job is now closed
Job Description
- Req#: 275418BR
• At least 8 years of experience with increasing responsibility in Information Technology, Information and Cyber Security and Compliance that includes a combination of hands on/technical and project leadership skills
• Minimum of 6 years’ experience executing penetration testing / red team testing assessments of high-consequence systems (including execution of CBEST/ iCAST exercises and alike)
• Minimum of 4 years experience leading a Penetration Testing / Red Team
• In depth knowledge of enterprise architectures and operations
• Detailed and up-to-date knowledge of threat and vulnerability management techniques and tools
• Strong knowledge of e.g. OSI Model, MITRE ATT&CK Framework, Firewalls, IDS/IPS, Web Proxies and DLP amongst other
• Well versed in a wide range of security tools like Burp, Nessus, Metasploit, Empire, Cobalt Strike, etc. and familiarity with common reconnaissance, exploitation, and post exploitation frameworks
• An inquisitive mind and passion for security researching
• Knowledge of exploit crafting/handling/development, malware packing, delivery and obfuscation/evasion techniques
• Ability to automate tasks using a scripting language (Python, Perl, Ruby, etc)
• Strong knowledge of networking protocols and packet analysis
• Able to operate at an advanced level of written and spoken communication in English; write and speak effectively with impact
• Strong project management skills
Desired Background:
• B.Sc. / M.Sc. in Computer Science, Computer Engineering, Information Security or equivalent
• ISC2 Certified Information System Security Professional (CISSP)
• One or More certifications related to Red Team Qualifications / and or Cyber Security such as:
o CREST Certified Simulated Attack Manager (CCSAM) or CREST Certified Simulated Attack Specialist (CCSAS) – Highly preferred
o Offensive Security (OSCE, OSCP)
o CREST Registered Penetration Tester
o GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT)
o Certified Ethical Hacker (CEH)
o CompTIA PenTest+
o GIAC Penetration Tester (GPEN)
o Offensive Security Certified Professional (OSCP)
o Certified Penetration Tester (CPT)
o Systems Security Certified Practitioner (SSCP)
o CompTIA Advanced Security Practitioner (CASP+)
o GIAC Certified Incident Handler (GCIH)
o Certified Information Systems Security Professional (CISSP)
o Certified Information Systems Auditor (CISA)
o Certified Information Security Manager (CISM)About the company
UBS is a global firm providing financial services in over 50 countries. Visit our site to find out what we offer in the United States of America.
Notice
Talentify is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.
Talentify provides reasonable accommodations to qualified applicants with disabilities, including disabled veterans. Request assistance at accessibility@talentify.io or 407-000-0000.
Federal law requires every new hire to complete Form I-9 and present proof of identity and U.S. work eligibility.
An Automated Employment Decision Tool (AEDT) will score your job-related skills and responses. Bias-audit & data-use details: www.talentify.io/bias-audit-report. NYC applicants may request an alternative process or accommodation at aedt@talentify.io or 407-000-0000.