Red Team Cyber Security Specialist - Hybrid

Knoxville, TN

Red Team Cyber Security Specialist - Hybrid

Category: Cyber Security

Main location: United States, Louisiana, Lafayette

Alternate Location(s): United States, South Carolina, Columbia

United States, Tennessee, Knoxville

Position ID: J0324-1168

Employment Type: Full Time

Position Description:

CGI has an immediate need for a Red Team Cyber Security Specialist to join our financial services team. This is an exciting opportunity to work in a fast-paced team environment supporting one of the largest leaders in the secondary mortgage industry. We take an innovative approach to supporting our client, working side-by-side in an agile environment using emerging technologies.

• We partner with 15 of the top 20 banks globally, and our top 10 banking clients have worked with us for an average of 26 years!

• We have over 92,000+ CGI Members in 40 countries and over 5k+ loyal Clients who are leveraging our end-to-end services across the globe

This position is based in either Plano, TX, Dallas, TX, Lafayette, LA or anywhere in the US where CGI has an office in the Central/Eastern Time Zones.

Description

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international team of cybersecurity specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.​

Your future duties and responsibilities:

Perform penetration testing which includes internet, intranet, wireless, web application, social engineering, and physical penetration testing.

Execute red team scenarios to highlight gaps impacting the organization's security postures.

Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements.

Provide technical leadership and advise junior team members on attack and penetration test engagements.

Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.

Perform an in-depth analysis of penetration testing results and create a report that describes findings, exploitation procedures, risks, and recommendations.

Execute penetration testing projects using the established methodology, tools, and rules of engagement.

Convey complex technical security concepts to technical and non-technical audiences including executives.

As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business

The team frequently provides thought leadership and information exchanges through traditional and less conventional communication channels such as speaking at conferences and publishing white papers

As part of our Penetration Testing team, you'll identify potential threats and vulnerabilities to operational environments

Projects here could include penetration testing and simulating physical breaches to identify vulnerabilities

Our professionals work together in planning, pursuing, delivering, and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients.

Required qualifications to be successful in this role:

Required 10 to 12 years of Information Security experience..

5+ years of Red Teaming or Adversarial Simulation experience.

Experience with scripting/programming skills (e.g., Python, PowerShell, Java, Perl, etc.).

Experience designing or utilizing post-exploitation / command and

control frameworks.

Experience performing adversarial simulation campaigns.

Experience designing and/or executing phishing campaigns.

Experience performing exploratory penetration testing and red

team operations.

Experience bypassing security controls such as antivirus and EDR

technologies.

Experience developing or customizing vulnerability exploit code.

Experience with cloud penetration testing (AWS, Azure, Google

Cloud Platform)

Experience with risk and vulnerability management.

Ransomware simulation development experience.

Experience in the financial sector with multiple financial organizations knowledge. The candidate needs to understand the unique requirements related to interacting with and working on

financial systems/organizations.

Experience relaying threat intelligence securely.

Experience relaying technical concepts and security information effectively to non-technical parties.

Experience collaborating on security or other IT projects with multiple teams or groups within various aspects of an organization.

Experience with emergency situational response and management

Experience leading penetration testing or Red Team engagements

Experience coordinating, leading, and following up on Red Team engagements and projects.

Experience providing technical and soft skills mentorship for other analysts.

Experience building and maintaining cross-functional collaborations and business relationships.

Ability to understand, map, and utilize cross-functional business systems and processes.

Preferred Experience:

Experience with x86/x64 assembly.

Bug bounty or other vulnerability-hunting experience

Experience performing MacOS security assessments and

penetration testing activities.

CI/CD (Continuous Integration / Continuous Deployment) experience.

Experience with Software Reverse Engineering.

Open-source contribution experience would be the most ideal candidate.

Experience leading penetration testing or Red Teams

Experience leading threat hunting teams

Experience performing physical penetration testing activities.

Education Requirement:

A bachelor's degree in computer science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least three years of related work experience or a master's degree and at least two years of related work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and red team assessments.

Certifications Preferred:

"Pro Hacker" rank or above in HackTheBox, or equivalent rank in other

challenges

OSCP (Offensive Security Certified Professional) equivalent

CISSP equivalent

#LI-PK1

#DICE

CGI is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. To support the ability to reward for merit-based performance, CGI typically does not hire individuals at or near the top of the range for their role. Compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range for this role in the U.S. is $59,700.00 - $146,900.00.

At CGI we call our professionals “members” to reinforce that all who join our team are, as owners, empowered to participate in the challenges and rewards that come from building a world-class company. CGI’s benefits include:

• Competitive base salaries

• Eligibility to participate in an attractive Share Purchase Plan (SPP) in which the company matches dollar-for-dollar contributions made by eligible employees, up to a maximum, for their job category

• 401(k) Plan and Profit Participation for eligible members

• Generous holidays, vacation, and sick leave plans

• Comprehensive insurance plans that include, among other benefits, medical, dental, vision, life, disability, out-of-county emergency coverage in all countries of employment.

• Back-up childcare, Pet insurance, a Member Assistance Program, a 529 college savings program, a personal financial management tool, lifestyle management programs and more.

**CGI anticipates accepting applications for this position through April 25th, 2024.

Skills:

  • Analytical Thinking

  • Java

  • Linux

  • Perl

  • Python

What you can expect from us:

Together, as owners, let’s turn meaningful insights into action.

Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…

You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.

Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.

You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our team—one of the largest IT and business consulting services firms in the world.

Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristics.

CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at USEmploymentCompliance@cgi.com . You will need to reference the requisition number of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a requisition number will not be returned .

We make it easy to translate military experience and skills! Clickhere (https://cgi-veterans.jobs/) to be directed to our site that is dedicated to veterans and transitioning service members.

All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held.

CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI’s legal duty to furnish information.