BackRed Team Cyber Security Specialist - Hybrid
@ CGI
Position Description:
- CGI has an immediate need for a Red Team Cyber Security Specialist to join our financial services team.
- This is an exciting opportunity to work in a fast-paced team environment supporting one of the largest leaders in the secondary mortgage industry.
- We take an innovative approach to supporting our client, working side-by-side in an agile environment using emerging technologies.
- This position is based in either Plano, TX, Dallas, TX, Lafayette, LA or anywhere in the US where CGI has an office in the Central/Eastern Time Zones.
- Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures.
- As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business.
- You will belong to an international team of cybersecurity specialists helping our clients with their most complex information security needs and contributing toward their business resilience.
- You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.
Your future duties and responsibilities:
- Perform penetration testing which includes internet, intranet, wireless, web application, social engineering, and physical penetration testing.
- Execute red team scenarios to highlight gaps impacting the organization's security postures.
- Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements.
- Provide technical leadership and advise junior team members on attack and penetration test engagements.
- Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
- Perform an in-depth analysis of penetration testing results and create a report that describes findings, exploitation procedures, risks, and recommendations.
- Execute penetration testing projects using the established methodology, tools, and rules of engagement.
- Convey complex technical security concepts to technical and non-technical audiences including executives.
- As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business
- The team frequently provides thought leadership and information exchanges through traditional and less conventional communication channels such as speaking at conferences and publishing white papers
- As part of our Penetration Testing team, you'll identify potential threats and vulnerabilities to operational environments
- Projects here could include penetration testing and simulating physical breaches to identify vulnerabilities
- Our professionals work together in planning, pursuing, delivering, and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients.
Qualifications:
Required qualifications to be successful in this role:
- Required 8 to 10 years of relevant experience.
- Experience with manual attack and penetration testing.
- Experience with scripting/programming skills (e.g., Python, PowerShell, Java, Perl, etc.).
- Updated and familiarized with the latest exploits and security trends.
- Experience leading a technical team to conduct remote and on-site penetration testing within defined rules of engagement.
- Required 3 years of AWS experience.
- Familiarity with performing network penetration testing that involves avoiding detection and common alert thresholds on endpoints and security tooling.
- Any two of the following certifications: OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN.
- Knowledge of Windows, Linux, Unix, and any other major operating systems.
- Familiarity with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation, and security trends in Cloud implementations.
- Deep understanding of TCP/IP network protocols.
- Deep understanding and experience with various Active Directory attack techniques.
- Understanding of network security and popular attack vectors.
- An understanding of web-based application vulnerabilities (OWASP Top 10).
Education Requirement:
- A bachelor's degree in computer science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least three years of related work experience
- OR Master's degree and at least two years of related work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and red team assessments.
Skills:
- Analytical Thinking
- Java
- Linux
- Perl
- Python
How to Apply:
Apply online at https://www.cgi.com/en/careers
Visit Site to Apply
Location: Lafayette, LA
Date Posted: March 18, 2024
Application Deadline: May 20, 2024
Job Type: Full-time