• Conduct hands-on technical testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments, such as Active Directory, cloud, infrastructure, and other environments.
• Conduct scenario-based security testing or red teaming to identify gaps in detection and response capabilities.
• Participate in and lead Purple Team exercises.
• Perform cloud penetration tests on various cloud platforms such as AWS, Azure, and Google Cloud Platform.
• Develop tools, techniques, standards, and methodologies within our offensive cybersecurity consulting services.
• Develop in-depth reports that include factors such as inherent risk, mitigating controls, business impact, likelihood, and other key elements to determine security risk.
• Conduct offensive security research on emerging technologies and testing capabilities (e.g., testing GenAI and LLM). Develop methods that emulate known adversaries' tactics, techniques, and procedures.
• Provide professional deliverables to clients as well as lead technical and executive client presentations.
• Lead large security engagements in concert with other Presidio teams.
• Work with other cybersecurity consultants in a collaborative team setting to support and assist in the execution and delivery of cyber services such as documentation review and security consulting services.
• Assist leadership and other team members as needed.

Required Skills:

• Working knowledge of common operating systems and domain structures (Windows, Linux, Active Directory, etc.), servers, services, and associated vulnerabilities.
• Working knowledge of scripting languages (e.g., PowerShell, Python, JavaScript, etc.) and/or programming languages (e.g., C, Java, C#)
• Demonstrable experience with security tools such as Responder, Impacket, BloodHound, Sysinternals Suite, OS native (i.e., LOL binaries), and C2 frameworks.
• Knowledge of frameworks such as MITRE ATT&CK, MITRE D3FEND, OWASP, and NIST CSF.
• Deep knowledge of common vulnerabilities and exploits, adversarial methodologies, and tactics.
• Ability to understand and communicate technical recommendations around mitigation and detection of discovered risks.
• Strong verbal and written communication skills, organizational skills, and attention to detail.
• Strong presentation skills.
• Prior experience in a client-facing role as a consultant.
• Demonstrate ownership of projects and tasks and a sense of urgency in completing assigned activities.
• Ability to work collaboratively and professionally with co-workers, clients, and management.
• Ability to be flexible and embrace change.
• Ability to manage multiple tasks and responsibilities, work alone or in small teams, achieve established goals and objectives, and communicate progress in a timely and meaningful manner.
• Must possess one of the following certifications: OSCP, GPEN, GXPN, GCPN, CCSP, or CRTO.

Preferred Skills:

• Perform both authenticated and unauthenticated web application testing as well as API assessments (RESTful and SOAP).
• Familiarity with PlexTrac, Burp Suite, Postman, Swagger, Tailscale.
• Mobile application penetration testing experience (iOS and Android).
• Physical penetration testing experience.
• Social Engineering experience (phishing campaigns, impersonation, vishing, smishing)
• Background in web application development and/or cloud computing is strongly preferred.
• Security training focused on penetration testing, web applications testing, cloud security, or red teaming.
• Industry certifications such as CASP+ CE, CCISO, CCNA Cyber Ops, CCNA, CCNP Security, CEH, CFR, CISA, CISM, CISSP, Cloud+, CySA+, GCED, GCIA, GCIH, GICSP, or GSLC.
• Strong cross-functional team participant and collaborative approach to problem-solving.
• Self-starter with the ability to manage their tasks in a larger project or program effort.

Education and Experience:

• Bachelor’s Degree or the equivalent work experience and/or military experience
• 5+ years’ experience conducting penetration tests, web application assessments, or other high-level technical testing.

Presidio is an Equal Opportunity / Affirmative Action Employer / VEVRAA Federal Contractor. All qualified candidates will receive consideration for this position regardless of race, color, creed, religion, national origin, age, sex, citizenship, ethnicity, veteran status, marital status, disability, sexual orientation, gender identification or any other characteristic protected by applicable federal, state and local statutes, regulations and ordinances.

To read more about discrimination protections under Federal Law, please visit: https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf

If you have any difficulty using our online system and need an accommodation in the job application process due to a disability, please send an email to recruitment@presidio.com for assistance.

Presidio is a VEVRAA Federal Contractor requesting priority referrals of protected veterans for its openings. State Employment Services, please provide priority referrals to recruitment@presidio.com.

RECRUITMENT AGENCIES PLEASE NOTE:

Agencies/3 Parties may not solicit to any employee of Presidio. Any candidate information received from any Agency/3 Party will be considered a gift and property of Presidio, unless the Agency/3 Party is an Authorized Vendor of Presidio with an up-to-date Presidio Contract in hand signed by Presidio Talent Acquisition. No payment will be made to any Agency/3 Party who is not an Authorized Vendor, nor has specific approval in writing from Presidio Talent Acquisition to engage in recruitment efforts for Presidio.