Cyber Security Engineer III – Adversary Simulation Operations

Overview:

The Enterprise Security Fusion Center is looking to develop an Adversary Simulation Operations team with the goal of using offensive capabilities to emulate adversarial tactics to test our defensive posture. We’re looking for individuals with a background in offensive security, network penetration testing, and application security.

Responsibilities:

  • This role will establish a framework for researching, documenting, and integrating adversary emulation assessments, with a primary focus on identifying and mitigating detection gaps across various technology platforms
  • Lead the Breach and Attack Simulation effort through automation and development
  • Partner with other security teams in gathering cyber intelligence information regarding potential adversary groups
  • Identify testing methodologies that closely emulate the tactics, techniques, and procedures of cyber threat actors
  • Conduct vulnerability research and exploit development
  • Work closely with the Security Fusion Center to triage alerts triggered by suspicious or malicious activity
  • Provide relevant technical details to peer teams to enhance adjacent programs such as Incident Response, Threat Hunt, and Detection
  • Participate in capturing a portfolio of historical threat activity, trends, and common attack vectors to predict and detect future threats

Technical Influence:

  • Evaluate new solutions and methodologies (machine-assisted techniques) and provide detailed reviews and recommendations to the Fusion Center
  • Provide research on next-generation, traditional, and non-traditional cyber threat methods, techniques, and tactics specific to evolving IT infrastructures
  • Improve automated detection by prototyping new ways to detect malicious activity and then turning those prototypes into effective new automations

Qualifications:

  • Bachelor’s degree in computer security/science or related discipline is preferred.
  • Minimum 5 years of cyber/information security experience.
  • Experience executing highly technical assessments, such as red teams, purple teams, penetration tests, etc.
  • Experience with scripting/command languages such as PowerShell, Python, Ruby, Bash, etc.
  • Proficient knowledge of Cobalt Strike or other C2 frameworks
  • Familiarity with MITRE ATT&CK or other threat models used to track adversary behaviors
  • Experience with Windows, Unix-based operating systems, and cloud security fundamentals
  • Understanding of IT Security concepts to include network design, countermeasures, risk management, operational security and attack techniques.
  • Experience with exploit development is preferred.
  • SANS GIAC, OSED, OSCP, OSCE certifications are preferred

Colorado Compensation: $87,500 – $140,000 + RSU. Benefits offered to employees include: Medical, Dental, Vision, Paid Family Leave, Life Insurance, 401(k) Retirement, Employee Stock Purchase Plan, Holidays, Vacation and Sick days. You will also have access to Tuition Reimbursement and our award-winning and best-in-class Employee Well-being and Training programs.
