Consultant, Cyber Adversarial Emulation

Ensign is hiring !

Consultant, Cyber Adversarial Emulation

Duties and Responsibilities

• Perform vulnerability assessments, penetration testing and red teaming on a wide range of technologies including but not limited to Network, Web, Mobile, Thick Client Applications, Cloud, Kubernetes, and Operations Technology.
• Develop internal VAPT and red team capabilities through scripting, automation, and hands-on research into the latest exploitation tactics, techniques, and procedures (TTPs) of various threat actors.
• Participate in Capture-The-Flag (CTF) events both internally and externally.

Requirements

• Familiarity with cyber security principles (e.g. networking, web development, vulnerability classes) and industry best practices (e.g. OWASP Top 10, MITRE ATT&CK Framework)
• Experienced in consulting, including internal and client facing experiences
• Ability to independently lead a project and communicate with clients
• Familiar with programming/scripting languages such as .NET, Python, Bash and PowerShell, etc.
• Possess relevant cybersecurity certifications or accredited experience from CTF and Bug Bounties
• Ability to travel overseas when required

Preferred Qualifications/Skills

• At least 1 year of consulting experience
• Proficient with security testing tools such as Nessus, Burp Suite, Frida, dex2jar, etc.
• Offensive Cyber Security Certifications (e.g. OSCP, CRT preferred)
• Mobile Application Development / Security Testing
• Red Teaming Tools such as Cobalt Strike, GoPhish, Sliver, Brute Ratel, etc.
• Source Code Review using automated scanners such as Checkmarx
• Reverse Engineering / Malware Development
• Static and Dynamic Analysis
• Experience in various security testing environments such as with the use of jumphosts, VPN, testing over GCC AWS/Azure, onsite/remote environments, etc.
• A self-motivated learner who is keen to develop and lead a team to be able to deliver professional services and grow local capabilities