Who we Want :
Collaborative partners. People who build and leverage cross-functional relationships to bring together ideas, information, use cases, and industry analyses to develop best practices.
Detail-oriented process improvers. Critical thinkers who naturally see opportunities to develop and optimize work processes finding ways to simplify, standardize and automate.
Analytical problem solvers. People who go beyond just fixing to identify root causes, evaluate optimal solutions, and recommend comprehensive upgrades to prevent future issues.
Job Description :
A Red Team Engineer at Stryker is expected to have strong understanding in one or more domains. Red Team in this role work closely with teams throughout Information Security, as well as provide technical leadership and advice to teams and leaders throughout Stryker.
You will be in direct contact with teams in a variety of business verticals, giving you firsthand knowledge about how Stryker is built and how it operates at a deep, technical level.
Additionally, you will leverage the knowledge you gain about Stryker to find new ways to break services, processes, and technologies throughout the company.
The Red Team performs real world threat emulation with the continual goals of improving organizational readiness, providing advanced simulation for defensive teams, and assessing current control performance for critical Stryker assets.
What you will do :
Perform red team engagements throughout Stryker independently, or as part of a team.
Contribute to the creation of detailed engagement plans
Perform adversary simulation of real-world adversary Tactics, Techniques, and Procedures (TTPs) by leveraging frameworks such as MITRE ATT&CK, Cyber Kill Chain, and other sources of information
Develop solutions to complex problems, and / or makes moderate to significant improvements of processes and systems to enhance the operations efficiency
Develop payloads, scripts, tools, or methodologies to enhance Stryker’s red teaming operations
Deliver accurate comprehensive reports and debriefs for both executive and technical audiences in manner that improves detection and response capabilities
Communicating and collaborating effectively with partner teams, service owners, Information Security, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings
Keeping current with the latest offensive security techniques
What you need :
BS in Computer Science or related field preferred
One or more security certifications such as OSCP, OSWE, GWAPT, Offensive Security or GIAC required.
Two to Four (2-4) years’ work experience in a red teaming or penetration testing role
Strong Knowledge and understanding in one or more security domains (e.g., security engineering, system and network security, authentication and security protocols, cryptography, application security, incident response)
Understanding of cloud service providers and their offerings, preferable MS Azure, and its various technologies and services
Experience with common offensive security tools (e.g., Cobalt Strike, Metasploit, Burp Suite)
Understanding of real-world adversary operations methodologies, tactics, techniques, and procedures. In particular, the ability to apply frameworks (e.
g., MITRE ATT&CK and Cyber Kill Chain)
Experience with attacking common Operating Systems (Windows, MacOS, Linux)
Ability in developing security tooling and automating red team infrastructure
Demonstrated experience in network assessments
Demonstrated experience in web application / service assessments
Experience working with global and diverse team
Experience performing internal and external global engagements
Knowledge in cloud service assessments
Knowledge in reverse engineering and associated tooling (e.g., IDA)
Knowledge in hardware hacking
Demonstrable teamwork skills and resourcefulness
Demonstrated high level of ethical standard
Demonstrated ability to solve complex problems and identify Information Security solutions to challenging business problems
Demonstrated ability to manage / organize
Demonstrated strong analytical skills
Strong written and verbal communication at all levels