The Red Team Engineer will provide adversarial services, including operations of varying complexity and length that test security architecture, security tools, configurations and SIRT response to incidents. The Red Team Engineer will also partner with Blue Team members to Purple Team test security tools and detections. This role will have the opportunity to collaborate across Box as a whole, providing expertise and real-world adversarial group experience to product, architecture and operational teams at Box.
Responsibilities:
Consult on, design, and execute adversary emulation operations
Conduct research into real-world threat actor tactics, techniques, and procedures to develop proof-of-concept tools and playbooks
Partner with the SIRT and other stakeholders in the organization to identify security posture improvement opportunities
Collaborate with the Threat Operations Team (Threat Intelligence, Detection, and Threat Hunting) on threat analysis and research
Present findings and operational work to groups in a clear and professional manner
Study the techniques of Threat Actors, and apply that lens to operational work
Experience:
Minimum five (5) years of experience operating in a technical red team or pen tester capacity
Bachelor's degree in Information Technology, related discipline or relevant work experience
Relevant Technical Security Certifications (GIAC, EC-Council, Offensive Security, etc.)
Familiarity with MITRE ATT&CK and how it’s applied by both Red and Blue Teams
Project management, cross-team coordination and driving organizational change
3 years' experience in the following areas:
Network penetration testing and manipulation of network infrastructure
Mobile and/or web application assessments
Email, phone, or physical social-engineering assessments
Shell scripting or automation of simple tasks using Perl, Python, or Ruby
Developing, extending, or modifying exploits, shellcode or exploit tools
Source code review for control flow and security flaws
Bypassing preventative and detective security controls to accomplish operational goals
Strong knowledge of tools used for wireless, web application, and network security testing
Skills:
Nominal understanding of regular expressions and proficiency in programming (.NET, C/C++) and scripting languages (e.g. Perl, Java, or Python)
Familiarity with common C2 frameworks such as Cobalt Strike, Mythic, and Metasploit
High level of proficiency with Linux/Mac/Windows operating systems, including bash and PowerShell
Detailed understanding of the TCP/IP networking stack, network technologies and covert channels
Strong knowledge of full packet capture (PCAP) analysis and accompanying tools (Wireshark, etc.)
Strong collaborative skills and proven ability to work in a diverse global team of security professionals
Strong organizational skills and mentoring
Comfortable with presenting to technical and executive level audiences
Strong verbal and written skills
Excellent interpersonal skills