Security Consultant

Job Duties and Responsibilities The focus of the Penetration Tester is to perform threat hunting activities for our enterprise and wireless networks. They will also be expected to participate in several different areas within the Cyber Defense Operations Center (CDOC); these activities can include (but are not limited to), use case development, and hunt plan development. This individual will use data analysis, threat intelligence, and cutting edge security technologies. Working within the CDOC at Dish Network, this individual is responsible for running campaigns and projects designed to test perimeter and internal cyber defenses in the manner a hacker would conduct an attack. They will ensure that new environments are identified and capable of accurate and actionable reporting for other tiers. They will also participate in developing processes, procedures, training, etc. for new technologies. The candidate must have a curious and investigative mind, an interest in information security, and the ability to communicate complex ideas to varied audiences. This position will report directly to the Senior Manager of the Cyber Defense Operations Center. Job Duties and Responsibilities ¿ Perform penetration tests against network, application and mobile platforms ¿ Track and capture intelligence on threat actors, their tactics, techniques, and procedures (TTPs), and their associated Indicators of Compromise (IOCs) ¿ Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host based security and application logs, as well as logs from a variety of security applications ¿ Perform Root Cause Analysis of security incidents to develop enhancements in existing alerting tools ¿ Compile detailed investigation and analysis reports for internal SecOps consumption and delivery to Management ¿ Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end user interviews, and remediation efforts ¿ Develop advanced queries and alerts to detect adversary actions ¿ Coordinate and assist with vendor led penetration tests ¿ Ability to present technical findings to executives ¿ Train junior staff on threat hunting and penetration testing activities ¿ Document findings and create best practice procedures Skills, Experiences and Requirements Required Bachelor's Degree or Master's Degree in Computer Science, Engineering or related discipline preferred; or equivalent combination of work experience and certifications. ¿ 5 years of experience in Information Security ¿ 3 years of experience with the incident response process, including detecting advanced adversaries, and malware triage ¿ Experience with packet analysis and usage of deep packet inspection toolsets. ¿ Experience with multiple OS such as Windows, Linux, Mac OSX, iOS and Android ¿ Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITRE ATT&CK framework ¿ Familiarity with EDR/SOAR/Anomaly detection solutions ¿ 3 years penetration testing experience ¿ 3 years threat hunting experience Desired ¿ Prior experience working with in the following areas: ¿ Building custom exploits ¿ History of CVEs ¿ Strong programming in any language ¿ Forensics and Malware Analysis ¿ Experience with APTs and mapping threat hunting to various security frameworks ¿ Extra vocational hunting and penesting engagement like Capture The Flag contests, meetups/conferences, bug bounty hunting, etc ¿ Advanced Cyber Security certifications such as: CISSP, OSCE, GCTI

Salary : $112,000 - $141,000