Senior Enterprise Security Consultant

At DirectDefense, we are at the forefront of the cybersecurity industry, dedicated to safeguarding businesses from the ever-evolving landscape of digital threats. Established in 2011, we have consistently delivered cutting-edge security solutions that protect sensitive data, ensure compliance, and provide peace of mind to our clients. Our innovative technologies and expert team enable organizations to stay ahead of cybercriminals and secure their critical assets.

The Senior Enterprise Security Consultant at DirectDefense will be a crucial member of our cybersecurity team, responsible for identifying and mitigating security vulnerabilities within client network infrastructures. This role involves conducting comprehensive penetration tests, performing detailed vulnerability assessments, and leading Red Team engagements to simulate sophisticated attacks. The ideal candidate will possess extensive technical expertise, a deep understanding of both offensive and defensive IT concepts, and the ability to communicate complex security issues effectively. With a focus on staying current with the latest vulnerabilities and technology trends, the Senior Enterprise Security Consultant will develop and execute proof-of-concept exploits, create detailed reports, and recommend improvements to enhance clients' security postures. This position also involves mentoring junior testers and contributing to the development of innovative testing tools and methodologies.

Responsibilities:

• Conduct comprehensive network and infrastructure penetration tests to identify security vulnerabilities, assess their impact, and develop actionable remediation strategies.
• Perform detailed vulnerability assessments and analyses of client networks, systems, servers, and other infrastructure components.
• Lead Red Team exercises to simulate advanced persistent threats and measure an organization’s readiness to detect, respond, and mitigate attacks.
• Stay up to date with the latest vulnerabilities, technology trends, threat landscapes, and offensive toolkits used in penetration testing. Apply this knowledge to enhance testing methodologies.
• Develop and execute proof-of-concept exploits to demonstrate the impact and severity of identified vulnerabilities.
• Create comprehensive, accurate, and detailed reports and presentations for both technical and executive audiences, clearly communicating findings, risks, and remediation recommendations.
• Design and develop scripts, tools, and methodologies to improve testing processes and efficiencies.
• Mentor and guide less experienced penetration testers, fostering a culture of continuous learning and professional development.
• Assist in scoping prospective engagements, managing client expectations, and lead engagements from kickoff through remediation.
• Evaluate and recommend improvements to clients’ security architectures, ensuring robust and resilient defenses.

Qualifications:

• 5-10 years of hands-on experience in network/infrastructure security and penetration testing.
• Extensive knowledge of offensive toolkits and techniques used in network/infrastructure penetration testing.
• Strong grasp of both offensive and defensive IT concepts, including common attack vectors and defense mechanisms.
• Proven ability to stay current with the latest vulnerabilities, technology trends, and threat landscapes.
• Exceptional ability to develop proof-of-concept exploits that accurately demonstrate identified vulnerabilities.
• Excellent written and verbal communication skills, capable of conveying complex security topics in a clear, concise, and understandable manner to diverse audiences.
• Professional certifications such as OSCP and OSEP are highly preferred.

Salary range: $120,000 - $160,000

Bonus: Up to 10% annual bonus

Benefits include:

• 401(k)
• AD&D Insurance
• Dental Insurance
• Disability insurance
• Health insurance
• Life insurance
• Vision insurance
• Flex PTO program
• Paid certification and continuing education

Career Development:

• Opportunities for professional growth and development within the company.
• Access to training programs and certifications.
• Participation in industry conferences and workshops.

Application Instructions: To apply, please submit your resume and cover letter through our online application portal. Applications will be reviewed on a rolling basis until the position is filled.

A little about DirectDefense

Since coming together in 2011 to form DirectDefense, our team has been committed to offering Cybersecurity defense strategies that are unmatched in the industry. Whether we are performing assessments of networks, platforms, and applications or applying managed services to improve your organization’s security posture, we are focused on providing world-class services that don’t just work–they work for you.

OUR MISSION

We establish partnerships with our clients based on trust and results. We leverage our deep industry knowledge and expertise to identify and remediate blind spots in your security program, provide meaningful visibility of your entire enterprise, and align your organization with security best practices and compliance standards.

OUR VISION

We aim to secure organizations across all industries against advanced threats and attacks in today’s world. Acting in partnership with organizations, we will provide unmatched information security services designed to improve your overall security posture, close gaps, and track vulnerabilities on an ongoing basis through continued education and support.

EEO COMMITMENT

We’re an equal employment opportunity/affirmative action employer that empowers our people to drive change fearlessly – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

As required by Colorado law under the Equal Pay for Equal Work Act, DirectDefense provides a reasonable range of compensation for roles that may be hired in Colorado. Actual compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, and specific office location. For the state of Colorado only, the range of starting pay for this role is $120,000 - $160,000 per year with a bonus package.

Last updated on Dec 3, 2024