Red Team Sr Security Analyst

Місто : , Kyiv,
Компанія : Stryker
Зарплата :
Знайдено : 24 дні тому

Опис

A Red Team Security Analyst at Stryker is expected to have a strong understanding in multiple domains. Red Team Security Analysts in this role work closely with teams throughout Information Security, as well as provide technical leadership and advice to teams and leaders throughout Stryker. You will be in direct contact with teams in a variety of business verticals, giving you firsthand knowledge about how Stryker is built and how it operates at a deep, technical level. Additionally, you will leverage the knowledge you gain about Stryker to find new ways to break services, processes, and technologies throughout the company. The Red Team performs real world threat emulation with the continual goals of improving organizational readiness, providing advanced simulation for defensive teams, and assessing current control performance for critical Stryker assets. Essential duties & responsibilities: Perform independent research and ongoing study to continuously develop and upskill technical knowledge and capabilities Perform Vulnerability Assessments and manual validation of vulnerabilities, as required Conduct all phases of Penetration Tests and Red Team engagements throughout Stryker independently, or as part of a team Create detailed Operations engagement plans and conduct associated research and scoping Maintain accurate logs of engagements, and step-by-step documentation of testing efforts Develop accurate, comprehensive reports and debriefs for both executive and technical audiences Present findings and recommendations to a group stakeholders, when required Simulate adversary Tactics, Techniques, and Procedures (TTPs) by leveraging frameworks such as MITRE ATT&CK, Cyber Kill Chain, and other sources of information Become familiar with all required team processes and procedures Develop solutions to complex problems, and make moderate to significant improvements to processes and systems to enhance operational efficiency Configure payloads, scripts, and tools to fulfill needs of the team Communicate and collaborate effectively with partner teams, service owners, Information Security, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings Keep current with the latest offensive security TTP’s as correlated with threat intelligence and industry trends Participate in meetings to assist and guide stakeholders in efforts, such as remediation of vulnerabilities Work with Blue Team members to help both teams understand and improve detection and response Other duties as assigned by manager Education & special trainings: Bachelor’s in Computer Science or related field preferred Bachelor’s degree or equivalent professional experience required One or more security certifications preferred, see next bullet Hands-on certifications, specifically PJPT, eJPT, PNPT, OSCP, CPTS, eCPPT, GPEN, GWAPT, OSWA, or Burp Suite Certified Professional are strongly preferred (other certifications or training completed considered on a case-by-case basis, if based on hands-on skills) Qualifications & experience: Must be able to demonstrate hands-on Penetration testing methodology in a live evaluation Minimum two(2) years of professional experience required One (1+) or more years work experience in an IT, Cybersecurity, or Software Development field required Prefer experience in a Red Teaming or Penetration testing role, including various types (e.g., network, AD, web app, API, cloud, iOT, Wifi, hardware, physical, social engineering, reverse engineering) Knowledge and understanding in two or more security domains (e.g., security engineering, system and network security, authentication and security protocols, cryptography, application security, incident response, access control, penetration testing) Experience with common Operating Systems (Linux, Windows Server) required, MacOS also preferred Strong knowledge of Networking and Active Directory fundamentals Prefer experience writing scripts in two or more scripting and development languages like (e.g., Bash, PowerShell, Python, Ruby, C/C++, Java, .NET, JavaScript) Prefer experience with cloud service providers and their offerings, especially MS Azure, and its various technologies and services Prefer experience with common offensive security tools (e.g., Metasploit, Burp Suite, Wireshark, C2) Prefer experience with adversary Tactics, Techniques, and Procedures (TTPs) Prefer experience in the application of Cyber Kill Chain and MITRE ATT&CK frameworks Prefer experience providing training and mentorship Prefer experience working with global and diverse teams Demonstrable teamwork skills and resourcefulness Travel Percentage: 20%

Схожі вакансії

    Senior Security Analyst

    • Waverley
    • Poland, Europe, Ukraine
    • 14 годин тому

    ... years of experience in a security analyst role.Strong understanding of security principles, threat modeling methodologies, and security best practices (OWASP, CWE, NIST CSF).Experience with security testing tools and methodologies (vulnerability ...

    waverleysoftware.com

    Security Associate SC-6 | Mykolaiv, Ukraine

    • World Food Programme
    • , null,
    • 23 дні тому

    ... related to implementing and assessing security measures and equipment maintenance to ... will have to: 1. Review security threats and risks in detail ... promptly detect any breach in security measures. Ability to interpret information, ...

    ua.talent.com

    Security Associate SC-6 | Mykolaiv, Ukraine

    • Programa Mundial de Alimentos
    • , Mykolaiv,
    • місяць тому

    ... will have to: 1. Review security threats and risks in detail ... for a crisis. 11. Deliver security training to staff and review security training needs in order to ... promptly detect any breach in security measures. Ability to interpret information, ...

    ua.talent.com

    Security Associate SC-6 | Mykolaiv, Ukraine

    • World Food Programme
    • , Mykolaiv,
    • місяць тому

    ... related to implementing and assessing security measures and equipment maintenance to ... will have to: 1. Review security threats and risks in detail ... promptly detect any breach in security measures. Ability to interpret information, ...

    ua.talent.com

    European IT Security Manager Application and Cloud Security

    • Provident Polska
    • , Odesa,
    • день тому

    ... in the area of application security (SDLC, shift-left security) and cloud security.   Responsible for application and cloud security strategic planning, delivery and reporting. Provides security support for business projects delivering ...

    ua.talent.com

    European IT Security Manager Application and Cloud Security

    • Provident Polska
    • , Kyiv,
    • 3 дні тому

    ... in the area of application security (SDLC, shift-left security) and cloud security.   Responsible for application and cloud security strategic planning, delivery and reporting. Provides security support for business projects delivering ...

    ua.talent.com

    IT Security Engineer

    • ELTEL Networks Poland
    • , Odesa,
    • 10 днів тому

    ... : Strategy & Planning Respond to IT security incidents and related systems outages ... to conduct research into IT security issues and products as required. ...

    ua.talent.com

    IT Security Engineer

    • ELTEL Networks Poland
    • , Kyiv,
    • 10 днів тому

    ... : Strategy & Planning Respond to IT security incidents and related systems outages ... to conduct research into IT security issues and products as required. ...

    ua.talent.com

    Field Security Assistant - Kyiv

    • UNESCO
    • , null,
    • 17 днів тому

    ... and controls effectiveness of Security Risk Management (SRM) measures for ... local Principal Chief Security Advisor.5. Liaises and exchanges security-related information with UNDSS and ... the host government security organizations and or personnel including ...

    ua.talent.com

    Senior Cloud Security IR Analyst VP

    • State Street
    • , Kyiv,
    • 10 днів тому

    ... Cloud Security IR Analyst for our Cloud Readiness & Response team, which is a key part of security operations at State Street. ... experienced security professional with deep expertise in cloud security. The senior analyst will be responsible for designing ...

    ua.talent.com

    Senior Cloud Security IR Analyst VP

    • State Street
    • , Odesa,
    • 10 днів тому

    ... Cloud Security IR Analyst for our Cloud Readiness & Response team, which is a key part of security operations at State Street. ... experienced security professional with deep expertise in cloud security. The senior analyst will be responsible for designing ...

    ua.talent.com

    Cyber Security Assessment Manager

    • , Taguig ,
    • 14 годин тому

    ... with the Technical Security Centre team, to produce technical security reports, present the results to ... Incident Management Ensure that security operations aspects are taken into ... on troubleshooting complex cyber security and technical incidents in the ...

    jobs.jti.com

    Security Lead Engineer

    • Relout
    • , Odesa,
    • день тому

    ... are currently looking for a Security Lead Engineer , willing to join ... the feasibility and effectiveness of security solutions for our digital services ... to design and implement complex security solutions Exceptional communication and collaboration ...

    ua.talent.com

    Security Lead Engineer

    • Relout
    • , Kyiv,
    • день тому

    ... are currently looking for a Security Lead Engineer , willing to join ... the feasibility and effectiveness of security solutions for our digital services ... to design and implement complex security solutions Exceptional communication and collaboration ...

    ua.talent.com

    Cloud Security Lead

    • Relout
    • , Odesa,
    • 2 дні тому

    ... currently looking for a Cloud Security Lead, willing to join a ... the feasibility and effectiveness of security solutions for our digital services ... to design and implement complex security solutions Exceptional communication and collaboration ...

    ua.talent.com

    Cloud Edge Security Architect

    • Relout
    • , Kyiv,
    • 2 дні тому

    ... looking for a Cloud Edge Security Architect, willing to join a ... the feasibility and effectiveness of security solutions for our digital services ... to design and implement complex security solutions Exceptional communication and collaboration ...

    ua.talent.com

    Cloud Edge Security Architect

    • Relout
    • , Odesa,
    • 2 дні тому

    ... looking for a Cloud Edge Security Architect, willing to join a ... the feasibility and effectiveness of security solutions for our digital services ... to design and implement complex security solutions Exceptional communication and collaboration ...

    ua.talent.com
Top