Senior Red Team Engineer

The Red Team Engineer will provide adversarial services to include engaging in various operations of different complexity and length to test security architecture, security tools, configurations and SIRT response to incidents. The Red Team Engineer will also partners with Blue Team members to Purple Team test security tools and detections. This role will have the opportunity to collaborate across Box as a whole, providing expertise and real world adversarial group experience to product, architecture and operational teams at Box.

Responsibilities: 

• Consult on, design, and execute adversary emulation operations

• Conduct research into real-world threat actor tactics, techniques, and procedures to develop proof-of-concept tools and playbooks

• Partner with the SIRT and other stakeholders in the organization to identify security posture improvement opportunities

• Collaborate with the Threat Operations Team (Threat Intelligence, Detection, and Threat Hunting) on threat analysis and research

• Present findings and operational work to groups in a clear and professional manner

• Study the techniques of Threat Actors, and apply that lens to operational work

Experience: 

• Minimum five (5) years of experience of operating in a technical red team or pen tester capacity

• Bachelor's degree in Information Technology, related discipline or relevant work experience 

• Relevant Technical Security Certifications (GIAC, EC-Council, Offensive Security, etc) 

• Familiarity with MITRE ATT&CK and how it’s applied by both Red and Blue Teams

• Project management, cross-team coordination and driving organizational change

• 3+ years experience in the following areas:

• Network penetration testing and manipulation of network infrastructure

• Mobile and/or web application assessments

• Email, phone, or physical social-engineering assessments

• Shell scripting or automation of simple tasks using Perl, Python, or Ruby

• Developing, extending, or modifying exploits, shellcode or exploit tools

• Source code review for control flow and security flaws

• Bypassing preventative and detective security controls to accomplish operational goals

• Strong knowledge of tools used for wireless, web application, and network security testing

Skills:

• Nominal understanding of regular expression and proficient in programming (.NET, C/C++) and scripting languages (e.g. Perl, Java, or Python) 

• Familiarity with common C2 frameworks such as Cobalt Strike, Mythic, and Metasploit

• High level of proficiency of Linux/Mac/Windows operating systems, including bash and Powershell

• Detailed understanding of the TCP/IP networking stack, network technologies and covert channels

• Strong knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.) 

• Strong collaborative skills and proven ability to work in a diverse global team of security professionals 

• Strong organizational skills and mentoring 

• Comfortable with presenting to technical and executive level audiences

• Strong verbal and written skills 

• Excellent interpersonal skills 

• Visit this webpage to check out all of our exciting healthcare benefits: https://join.collectivehealth.com/box
• For all other benefits, please check out: Box Benefits + Perks