Senior Penetration Tester - Red Team
FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting.
With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks.
FireEye has over 7,500 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.
We will consider remote candidates based anywhere in Canada and at multiple experience levels for this position.
A successful Red Team consultant at FireEye should possess a deep understanding of both information security and computer science.
They should understand basic concepts such as networking, applications, and operating system functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations.
This is not a press the pwn’ button type of job; this career is technical and challenging with opportunities to work in some of the most exciting areas of security consulting on extremely technical and challenging work.
A typical job could be breaking into a segmented secure zone at a Fortune 500 bank, reverse engineering an application and encryption method in order to gain access to sensitive data, all without being detected.
If you can exploit at scale while remaining stealthy, identify and exploit misconfigurations in network infrastructure, parse various types of output data, present relevant data in a digestible manner, think well outside the box, or are astute enough to quickly learn these skills, then you’re the type of consultant we’re looking for.
At FireEye, you’ll be faced with complex problem solving opportunities and hands-on testing opportunities on a daily basis.
We help our clients protect their most sensitive and valuable data through comprehensive and real world scenario testing.
The objective doesn’t end at gaining domain admin or root ; this is expected and is only a starting point.
You are expected to quickly assimilate new information as you will face new client environments on a weekly or monthly basis.
You will be expected to understand all the threat vectors to each environment and properly assess them. You will get to work with some of the best red teamers in the industry, causing you to develop new skills as you progress through your career.
Are you up to the challenge?
NET, ObjectiveC, Go, or Java (J2EE)Reverse engineering malware, data obfuscators, or ciphersSource code review for control flow and security flaws
Additional Qualifications :
All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.