Cybersecurity Subject Matter Expert (Pen-Testing, Red Team, Purple Team)

Job Family:

Cyber Consulting

Travel Required:

Up to 10%

Clearance Required:

Active Top Secret (TS)

This posting is not for immediate hire. Seeking prospective candidate to be considered under Proposal to be award in late Q1 2025 or early Q2 2025.

What You Will Do:

We are seeking a highly skilled and experienced Cybersecurity Subject Matter Expert (SME) to join our dynamic team. The ideal candidate will have a strong background in penetration testing, red teaming, and purple teaming. This role requires a proactive individual who can identify vulnerabilities, simulate cyber-attacks, and enhance our security posture through comprehensive testing strategies.

Key Responsibilities:

Penetration Testing:

• Conduct thorough penetration tests on networks, applications, and systems to identify security weaknesses.
• Develop and execute test plans, document findings, and provide actionable recommendations for remediation.
• Utilize various tools and techniques to simulate real-world attacks and assess the effectiveness of security measures.

Red Team Operations:

• Plan and execute red team exercises to simulate advanced persistent threats (APTs) and other sophisticated attack scenarios.
• Collaborate with blue team members to test and improve detection and response capabilities.
• Document and present findings to stakeholders, highlighting potential risks and mitigation strategies.

Purple Team Collaboration:

• Work closely with both red and blue teams to facilitate purple team exercises aimed at improving overall security posture.
• Share insights and knowledge to enhance the effectiveness of defensive measures and incident response plans.
• Foster a culture of continuous improvement and knowledge sharing within the cybersecurity team.

Security Assessments and Audits:

• Perform regular security assessments and audits to ensure compliance with industry standards and best practices.
• Identify and prioritize security risks, and work with relevant teams to implement corrective actions.
• Stay up-to-date with the latest cybersecurity threats, trends, and technologies.

What You Will Need:

• An ACTIVE and MAINTAINED TOP SECRET DoD security clearance
• Bachelor's degree from an accredited university or college in Computer Science, Information Security, Cybersecurity or a related field AND FIVE (5+) plus years of post-graduation work experience in cybersecurity, with a focus on penetration testing, red teaming, and purple teaming; Or Master's degree from an accredited university or college in Computer Science, Information Security, Cybersecurity or a related field AND THREE (3+) plus years of post-graduation work experience in cybersecurity, with a focus on penetration testing, red teaming, and purple teaming;
• Relevant certifications such as OSCP, CEH, CISSP, or similar.
• Strong knowledge of cybersecurity frameworks, standards, and best practices (e.g., NIST, ISO 27001).
• Proficiency with penetration testing tools (e.g., Metasploit, Burp Suite, Nmap) and red team tools (e.g., Cobalt Strike, Empire).
• Excellent problem-solving skills and the ability to think like an attacker.
• Strong communication and presentation skills, with the ability to convey complex technical concepts to non-technical stakeholders.
• Ability to work independently and as part of a team in a fast-paced environment.
• Ability to travel as required
• Currently reside in the contiguous United States
• This is a Hybrid role that requires the ability to work onsite in a core Guidehouse Office or Client Office location. 

What Would Be Nice To Have:

• An ACTIVE and MAINTAINED Department of Energy (DOE) Q-Sensitive security clearance
• Preference will be given to candidates within 60 miles of a core Guidehouse office or Client Office location.
• Experience with threat hunting and threat intelligence.
• Knowledge of scripting languages (e.g., Python, PowerShell) for automation and tool development.
• Familiarity with cloud security (e.g., AWS, Azure) and container security (e.g., Docker, Kubernetes).

This posting is not for immediate hire. Seeking prospective candidate to be considered under Proposal to be award in late Q1 2025 or early Q2 2025.

#LI-RE1

The annual salary range for this position is $130,000.00-$216,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.

What We Offer:

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

• Medical, Rx, Dental & Vision Insurance

• Personal and Family Sick Time & Company Paid Holidays

• Position may be eligible for a discretionary variable incentive bonus

• Parental Leave and Adoption Assistance

• 401(k) Retirement Plan

• Basic Life & Supplemental Life

• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts

• Short-Term & Long-Term Disability

• Student Loan PayDown

• Tuition Reimbursement, Personal Development & Learning Opportunities

• Skills Development & Certifications

• Employee Referral Program

• Corporate Sponsored Events & Community Outreach

• Emergency Back-Up Childcare Program

• Mobility Stipend

About Guidehouse
Guidehouse is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at [email protected]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.