30 days old

Offensive Security Engineer (Remote, Full-Time)

SimSpace Corporation
Boston, MA 02210 Work Remotely
Apply Now
Apply on the Company Site
  • Job Code
    147031301

Do you think like an adversary, do you love to break into systems and enjoy penetrating and exploiting networks to reach a specified target? Are you capable of automating these processes? The Attack Content team is charged with creating advanced, compelling automated attack scenarios for use in the SimSpace Platform.

SimSpace is growing its portfolio of offensive security content by integrating external tools as well as creating our own APT-inspired campaigns. The goal is to make it easy for our users to make use of pre-existing attack scenarios, mix and match individual attack components, or create new attack components and scenarios from scratch to simulate adversary behavior. Full control of the multi-step attacks and visualization is required so users can concentrate on how to defend against adversaries that employ such attack techniques.

The software engineering role involves utilizing Python 3.x and/or Golang to develop, integrate, deploy, and maintain integrations of various internal and external attack content. Existing knowledge and experience with testing suites such as Metasploit is preferred, but not required. You will apply your computer science abilities to architecture, API design, data structures, data handling, concurrency, and permission models. SimSpace follows the Agile process for development and utilize modern toolchains and methods to develop our frameworks and services in teams.

Our attack content team is a combination of remote developers and local developers in our Boston headquarters. Working remotely is an option for experienced engineers located in the US and Canada that have successful experience with working remotely. We bring our entire team together for quarterly off-sites, which facilitates team bonding and some face-to-face interaction. For less experienced engineers or those who have not worked remotely before, we have a strong preference for the Boston area to facilitate mentoring and interaction with more experienced staff.

You will:

Develop and integrate new attack content (attack tools, attack scenarios, etc.) into the SimSpace Attack Content portfolio

Research, implement and refine tactics, techniques and procedures, to bolster the SimSpace Attack Content portfolio

End-to-end testing of attack content to ensure functionality in common environments and the ability to evade common defensive tools

Collaborate with our passionate Attack Content team of experienced software developers and others to ensure that SimSpace Attack Content is representative and useful during various types of events.



You have:

Relevant certifications from organizations like Offensive Security (OSCP/OSCE), or SANS (GPEN, GXPN, GWAPT),

or

Equivalent experience with demonstrable requisite skills

Professional Software Engineering experience in Python 3.x., Golang, or other languages is a plus

Ability to think outside the box, tying together disparate vulnerabilities or misconfigurations to create an attack scenario

Solid understanding of tactics and techniques used during offensive network operations and the ability to modify them to subvert defensive countermeasures

Demonstrated experience with distributed systems, communication frameworks, network protocols (RESTful API and rMQ), data handling, and proper use of security constructs.

Experience with multiple operating systems (Windows, Unix/Linux etc.)

Knowledge of common system and network configurations, for multiple system types.

Solid understanding of networking, network protocols and their uses

Experience/knowledge of defensive tools/techniques (IDS/IPS, Packet Capture, Network Analysis, IR, AV, EDR, etc.)

Experience working with virtualization solutions

Experience with the commonly used attack frameworks (Cobalt Strike, Metasploit, CANVAS, Empire, Core Impact, etc.)

Experience in Web Application Penetration Testing or Cloud Penetration Testing

A strong sense of pride in crafting well-tested and well-designed code that is delivered on-time. We have to deliver and it has to work.

Your skills:

Strong verbal and written communication skills

Self-starter that is highly motivated, accepting of other opinions, and can work effectively in a team

Produce high quality software that is well-written, well-instrumented, tested thoroughly and securely designed and implemented

Proficiency in Python 3.x is required

Programming ability with any of the following: Scripted Languages (Ruby, PowerShell, Bash, Batch, PHP, etc.) & Compiled Languages (C/C++, Golang, etc.)

Fluent with git, GitHub, Docker, CI/CD and modern team software development and testing tools and practices, including Secure SDLC approaches





PI147031301

Posted: 2021-09-15 Expires: 2021-10-17

Job Opportunities

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Offensive Security Engineer (Remote, Full-Time)

SimSpace Corporation
Boston, MA 02210

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast