IT Security Specialist focusing on cyber defense within a family - owned company. Responsibilities include managing firewalls, monitoring threats, and implementing security solutions.
About the role
- Sr. Security Researcher leading red team engagements to enhance security posture at Corebridge Financial. Responsibilities include vulnerability assessment, training, and collaboration across security teams.
Responsibilities
- Lead and execute red team engagements: Develop and execute comprehensive red team assessments, including reconnaissance, vulnerability scanning, exploitation, and post-exploitation activities.
- Lead and mentor junior red team members, providing guidance, training, and hands-on experience.
- Develop and maintain red team methodologies, tools, and infrastructure.
- Conduct threat modeling and risk assessments to identify potential attack vectors and prioritize targets.
- Develop and execute social engineering campaigns, including phishing, vishing, and physical penetration tests.
- Vulnerability research and exploitation: Stay abreast of the latest threat intelligence, vulnerabilities, and exploits.
- Research and develop new exploitation techniques and tools.
- Conduct in-depth analysis of vulnerabilities and their potential impact.
- Reporting and communication: Prepare detailed and concise reports documenting red team findings, including technical details, impact assessments, and remediation recommendations.
- Effectively communicate findings to technical and non-technical audiences, including senior management.
- Present findings and recommendations at security forums and conferences (optional).
- Security awareness and training: Develop and deliver security awareness training programs to employees on topics such as social engineering, phishing, and secure coding practices.
- Conduct security awareness campaigns to raise employee awareness of security threats and best practices.
- Collaboration: Collaborate with other security teams (e.g., blue team, incident response) to improve overall security posture.
- Work with development teams to identify and remediate security vulnerabilities in applications and systems.
- Build and maintain relationships with external security researchers and the cybersecurity community.
Requirements
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
- 5+ years of experience in cybersecurity, with 3+ years of hands-on experience in penetration testing, red teaming.
- Understanding of blended attacks.
- Proven experience leading and mentoring junior security professionals.
- Strong understanding of networking, systems administration, and programming concepts.
- Expertise in penetration testing methodologies and tools (e.g., Cobalt Strike, Outflank, Sliver, PowerShell Empire, Metasploit, Kali Linux, Nmap).
- Proficiency in scripting languages (e.g., Python, Ruby, PowerShell).
- Strong understanding of network protocols (e.g., TCP/IP, HTTP, DNS).
- Experience with vulnerability scanners, intrusion detection systems, and firewalls.
- Experience with cloud security (e.g., AWS, Azure, GCP) is a plus.
- Relevant security certifications (e.g., RTO I, RTO II, OSCP, OSCE, GPEN, CRTP) are highly desired.
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Strong attention to detail and accuracy.
- Ability to adapt to new technologies and challenges.
- Project Management.
Benefits
- Health and Wellness: We offer a range of medical, dental and vision insurance plans, as well as mental health support and wellness initiatives to promote overall well-being.
- Retirement Savings: We offer retirement benefits options, which vary by location. In the U.S., our competitive 401(k) Plan offers a generous dollar-for-dollar Company matching contribution of up to 6% of eligible pay and a Company contribution equal to 3% of eligible pay (subject to annual IRS limits and Plan terms). These Company contributions vest immediately.
- Employee Assistance Program: Confidential counseling services and resources are available to all employees.
- Matching charitable donations: Corebridge matches donations to tax-exempt organizations 1:1, up to $5,000.
- Volunteer Time Off: Employees may use up to 16 volunteer hours annually to support activities that enhance and serve communities where employees live and work.
- Paid Time Off: Eligible employees start off with at least 24 Paid Time Off (PTO) days so they can take time off for themselves and their families when they need it.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Junior Information Systems Security Engineer at AMERICAN SYSTEMS managing DoD cyber security. Collaborating on technical issues and supporting risk management framework compliance.
Information Systems Security Engineer assisting in cyber security requirements for DoD systems. Collaborating closely with customers and ensuring compliance with the DoD Risk Management Framework.
Staff Product Security Engineer driving security innovation while ensuring compliance with federal standards at DataRobot. Leading security engineering, automation, and customer engagement for federal customers.
Auszubildende(n) zur Fachkraft für Schutz und Sicherheit in Hamburg bei proSicherheit GmbH. Modernes Sicherheitsunternehmen mit Fokus auf Sicherheit und Vertrauensaufbau.
Security staff for proSicherheit performing access controls and ensuring compliance with safety standards. Involves reporting, patrolling, and handling emergencies in Hamburg area.
Cyber Security Engineer responsible for DevSecOps and security automation at a leading Swiss IT consulting firm. Engaging in security measures across industries with a focus on collaboration and technology.
Cloud Security Architect responsible for strategic growth and development of Cloud Security solutions. Work with national clients on architecture and security concepts in Switzerland.
Information Security Manager coordinates ISMS development and security measures for Megamaris GmbH. Responsible for risk analysis and security training across 12 subsidiaries.
Security GRC Manager managing audits and compliance programs at Salesforce. Overseeing cloud security compliance and collaborating across departments for risk management.