Embedded Analyst - Red Team Technical Specialist
San Francisco Bay Area, California USA
About Sibylline Americas:
Sibylline is a leading intelligence and strategic risk consultancy in the security sector. Since 2010 we have supported businesses, governments and NGOs through the provision of high-quality risk analysis, due diligence and consultancy services. The firm provides an innovative, entrepreneurial and fast-growing working environment, offering employees ever greater exposure to high profile clients and challenges. Sibylline offers fantastic opportunities for career progression within a successful company, and we aim to help our employees to build their own personal profiles as well-regarded analysts within the broader industry.
General Role Description:
Sibylline Americas Inc. is looking for an experienced, professional and insightful Red Team Technical Specialist to join our team within a client's global security function, based in the San Francisco Bay Area. The client’s Global Security Red Team travels domestically and internationally to conduct real-world tests of security measures protecting the client’s technology, employees, users, and infrastructure. This role requires a dynamic personality that can work successfully in a diverse and fast-paced environment. Candidates with diverse backgrounds and perspectives and/or unconventional career paths or non-traditional experience are encouraged to apply as well.
Applicants to this role require the ability to research and analyse a wide range of information and write regular high quality reports to strict deadlines, which deliver insight and value to the client. In addition, you will engage directly with stakeholders within the client organisation to interpret their requirements, provide immediate support and consulting, and leverage depth support from the core Sibylline team. Aside from written analysis, we expect our embedded analysts to be to deliver concise and value-driven verbal briefs, and partake in stakeholder management. Your work will help our clients to make critical decisions about security and operational challenges.
This position represents an excellent opportunity for the right candidate to continue and expand their career growth within a leading and expanding firm. We offer strong career progression and are invested in building individuals' professional profiles.
Duties and Responsibilities:
- Perform as part of an internal Red Team group that meets the business needs of the client’s Global Security organization, and creates integrations across the business.
- Aid in the development of a program that provides cyber/technical pen-testing of the client’s Global Security Systems and Technology utilizing techniques used by real world criminal organizations, terrorist groups and foreign intelligence entities.
- Act as the team’s technical SME focused on identifying and exploiting technical software and hardware vulnerabilities in the client’s access control, CCTV, and other security systems worldwide.
- Support the development of practices, processes, mechanisms and the documentation for these activities, both internally and with working groups.
- Collaborate with the technical red team to ensure that the Red Team program captures and addresses the various industry trends.
- Utilize internal tools to assign, track, and process Red Team assessments and site audits.
Skills, Experience and Qualifications:
- Thorough understanding of security systems and the technical infrastructure used to support them.
- Demonstrated experience or ability to learn all below systems and tests:
- RTSP streams manipulation
- 11x cracking
- Password cracking
- Vulnerability exploits (linux, windows)
- Basic cryptography knowledge and understanding of algorithms
- Board level components exploits
- HF credentials (ISO/IEC 7810 & 7816-4)
- RF sniffing / spoofing
- Understanding of information security practices, access control systems, and physical security operations.
- Inquisitive, Analytical, Imaginative, Intelligent, Strategic, Logical, Self-Aware, and Open Minded.
- Ability to effectively communicate threats, vulnerabilities, and risks to executives and non-security stakeholders.
- In depth knowledge of cyber threat actors and TTPs that may be used to target technology companies.
- Degrees in Computer Science, Cyber Security, Engineering, National/Homeland Security, Security Technologies, Counterintelligence; or similar programs; or UFMCS graduate.
- Experience supporting global and regional partners in APAC, EMEA, LATAM, and NORAM.
Interview / Start Dates:
The closing date for applications is September 13, 2019.
After candidates are screened based on CV, a writing assessment will be conducted (at an arranged time to suit you) to test writing and analytical ability. Successful applicants will then be invited to interview, to be conducted via audio/video call. The successful candidate would be available to start ideally in early October.
To apply for this position please email your CV and covering letter to firstname.lastname@example.org with the subject line "Red Team Embedded Technical Analyst opportunity".
Remuneration: The remuneration for this role is negotiable for the right candidate, dependent on qualifications, aptitude and experience.