The Offensive Security Senior Consultant position will be part of our Technical Assessments practice. Our style of consulting is dynamic, innovative, fast-paced, and highly rewarding for both our clients and our team. This is an outstanding opportunity to work with a wide variety of tool sets and across various well-known client organizations.
- Red Teams: adaptive, flag-based red team engagements designed to demonstrate the impact of a dedicated, persistent attacker.
- Purple Teams: the “open-book” approach to penetration testing, working side-by-side with our internal and client blue teams to strengthen defense against real attackers.
- Web and Mobile Assessments: dynamic web and mobile application security testing.
Penetration Testing: assess internal and external networks for common and custom security
flaws that can lead to widespread access to sensitive systems and data.
- Tactical Assessments: social engineering, spear phishing, physical break-ins, product security assessments, industrial control systems, architecture reviews.
- Documentation: document evidence of work in reports and status updates.
- Research and Innovation: use knowledge gained to conduct research initiatives with the purpose of improving our services and giving back to the community.
- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
- Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed.
- Demonstrable aptitude for technical writing, including assessment reports, presentations, and operating procedures.
- Experience communicating with clients and independently managing client projects.
- Knowledge of Windows and *NIX-based operating systems.
- Knowledge of networking fundamentals and common attacks/defenses.
- Experience managing multiple projects at once.
- Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.
- Strong written/verbal communication and interpersonal skills.
- Excellent technical skills, impeccable soft skills, and organization skills.
- Strong written and verbal communication skills to effectively communicate successes and obstacles with team members and leads, as well as client stakeholders.
Work with Experts: Robust internal training program, plus Company-paid external training. SRA recognizes the value of professional development for employees. Therefore, we encourage our employees to pursue continuing education and role-specific training. Every SRA employee is eligible to attend one training per year paid for by SRA.
Hack the Box: Access to the enterprise professional labs and academy are included for SRA team members. Additionally, internal team CTFs are conducted to help motivate and keep the team sharp.
Corps Training Program: Our SRA Corps training program is a six-week experience that begins with one week of orientation at our Philadelphia headquarters. Whether new hires are interns, co-ops, or full-time consultants, SRA Corps members meet our founders, learn our values, and experience a day in the life of a cybersecurity consultant. Following orientation, Corps members return to their home office and participate in trainings such as Consulting 101, Enterprise Networks, Cloud Security and more. Our leaders provide hands-on offensive, defensive, and frameworks boot camps.
Give Back: 1-2-3 Program: 1. SRA will give $1,000 to a charity of your choice. 2. If you give an additional amount (up to $1,000), then 3. SRA will match that amount up to $1,000.
401k and Matching: Company 401(k) plan including annual 3% contribution.
Mental Health Services: SRA has partnered with Talkspace to provide SRA employees with free mental health support. Talkspace connects individuals with licensed therapists for chat, video, and phone sessions.