Jobs · workingnomads

G

Security Consultant - Threat & Attack Simulation

Brightpath Technologies · USA · Posted 7d ago

remotemidEstimated 131k-280k USD🇺🇸 United States
Apply on workingnomads

About the role

Consult on threat and attack simulations using various technologies for Brightpath Technologies.

Brightpath Technologies provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. Summary Brightpath Technologies’s Threat & Attack Simulation Practice provides attack-oriented professional services, Red Teaming, Purple Teaming, Network Penetration Testing, Cloud Penetration Testing, Social Engineering, and various ad hoc custom assessments to address unique information security concerns for clients. As a Security Consultant, you will be a technically adept and reliable team member who leverages your knowledge, skills, and experience to deliver exceptional results to clients for the Practice’s core professional service offerings and assist with shaping the future of the practice. Brightpath Technologies’s Threat & Attack Simulation Practice provides attack-oriented professional services, Red Teaming, Purple Teaming, Network Penetration Testing, Cloud Penetration Testing, Social Engineering, and various ad hoc custom assessments to address unique information security concerns for clients. As a Security Consultant, you will be a technically adept and reliable team member who leverages your knowledge, skills, and experience to deliver exceptional results to clients for the Practice’s core professional service offerings and help shape the practice's future. Your primary responsibilities revolve around performing challenging and complex assessments, sharing knowledge with team members, and contributing to growth and improvement. Security Consultants are encouraged to interact with the Threat & Attack Simulation Leadership Team and contribute to the Practice's future success. Brightpath Technologies’s Threat & Attack Simulation service offerings are perpetually evolving in response to emerging threats and diverse client needs. Your creativity and expertise will assist the Practice by adapting to this rapidly changing environment. Role Responsibilities Deliver Threat & Attack Simulation's professional services, including but not limited to Vulnerability Assessments, Internal and External Penetration Tests, Wireless Security Assessments, Onsite and Remote Social Engineering, and a variety of custom assessments Author comprehensive assessment deliverables that are proficiently tailored to both technical and managerial audiences and fully detail the technical execution, core deficiencies, business impact, and realistic remediation strategies Utilize automation, orchestration, and scripting to reduce manual processes, improving overall efficiency while also enabling new capabilities to meet the rapidly changing needs of our clients Contribute to marketing initiatives via activities such as publishing research, speaking at industry conferences, authoring blog articles and whitepapers, hosting webinars, and developing security tools Assist with Practice development, including improving existing offerings Perpetually strengthen relevant skills, knowledge, and abilities to stay at the forefront of the information security industry. Foster client relationships by providing support, information, and guidance Configure, operate, and manage a Breach and Attack Simulation (BAS) or continuous penetration testing platform and report results to relevant stakeholders promptly Maintain a strong desire to learn, adapt, and improve along with a rapidly-growing company Perform other duties as assigned Education, Credentials, and Experience Lab-based certifications, such as OSCP, OSCE, OSEE, and GSE, are strongly preferred. Other relevant industry certifications, such as GPEN and GCIH, are also preferred. Experience with various public cloud components and architectures (AWS, Azure, GCP, etc.) InfoSec community involvement, such as conference speaking, blog/whitepaper authoring, and podcast speaking/producing experience, is strongly preferred. Minimum of two (2) years of experience performing offensive/attack-oriented security assessments Minimum of one (1) year of experience in an enterprise-level consulting services role Over four (4+) combined years of IT and information security experience are preferred. Internal operational (non-consulting) experience is strongly preferred. Experience with continuous penetration testing or Breach and Attack Simulation (BAS) platforms is a plus but not required. Embraces emerging technologies, including AI tools, to work smarter, solve problems, and drive better business outcomes. Knowledge, Skills & Abilities While it may not be feasible to satisfy every desired attribute listed below perfectly, Security Consultants are expected to possess a significant number of these attributes : Able to be the lead consultant, with minimal technical oversight, on at least the following assessment types: EVA/IVA and EPT. Able to be the lead consultant on IPTs, but may need fairly extensive technical oversight. May need occasional assistance from a senior team member during report review meetings when describing more complex attacks/vulnerabilities. Limited knowledge and practical skills related to evading common defensive controls (e.g., EDR and NDR evasion). Writes reports that typically require a fair amount of re-writing/edits before delivery to clients. Performs tasks in a timely manor (e.g., timesheets, reports, WSRs) and can communicate issues efficiently if any arise. Basic knowledge of and practical experience with AD-related attacks / privilege escalation techniques. We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don't miss updates on your application. Why GuidePoint? Brightpath Technologies is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers. Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity. This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation. Some added perks…. Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions) Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options) Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans 12 corporate holidays and a Flexible Time Off (FTO) program Healthy mobile phone and home internet allowance Eligibility for retirement plan after 2 months at open enrollment Pet Benefit Option

Read the full posting on workingnomads

FAQ

Is the Security Consultant - Threat & Attack Simulation role at Brightpath Technologies remote?+

This Security Consultant - Threat & Attack Simulation position is listed as remote (USA).

What is the salary for the Security Consultant - Threat & Attack Simulation role at Brightpath Technologies?+

The listing states Estimated 131k-280k USD.

What seniority level is this Security Consultant - Threat & Attack Simulation role?+

This is a mid level position.

How do I apply for the Security Consultant - Threat & Attack Simulation role at Brightpath Technologies?+

Use the "Apply on workingnomads" button to open the original posting on workingnomads, where you can submit your application directly to Brightpath Technologies.