Offensive Security / Penetration Testing Solutions Engineer
We deliver our customers peace of mind every day by helping them protect what they value most. Our passion for placing the customer at the center of everything we do is driving a transformational shift at Liberty Mutual.
About the Job:
In this role you will have the opportunity to conduct offensive security operations within the company's Offensive Security team.
This position involves the execution of network as well as web application penetration testing, Red Team operations, as well as collaborative efforts with defensive teams (Purple Teaming).
The candidate will produce detailed reports of their findings along with guidance for remediation and will be responsible for delivering those findings to subject matter experts as well as to leadership.
- Bachelor's Degree or higher in Computer Science or related field
- 5+ years of experience performing Offensive Security operations including: red teaming, penetration testing in an enterprise environment
- All phases of Red Team operations including: reconnaissance, social engineering, exploitation, lateral movement, exploitation
- Leading, execution, and maturation of a Purple Team program
- Performing security assessments in Cloud environments (AWS, Azure, Google)
- Understanding of defensive controls and how to bypass/evade them
- Using and customizing commercial and open source security assessment tools including Cobalt Strike, impacket, Metasploit, and Bloodhound
- Modifying and using payloads to avoid common detection methods
- Deploying, configuring, and managing infrastructure to support Offensive operations both Cloud and on-premise
Familiarity with the following:
- Computer network, application, database, Cloud, and web exploitation techniques
- Active Directory and enterprise network exploitation
- OPSEC techniques including network traffic monitoring, post-exploitation activities, and payloads to blend in with target environments
- Secure web development practices
- Analyzing and debugging API frameworks
Experience with scripting/programming in one or more of the following languages with the ability to create or customize tools as needed:
Experience with open security testing standards and projects such as:
- MITRE ATT&CK
- CIS Top 20
At Liberty Mutual, our purpose is to help people embrace today and confidently pursue tomorrow. That's why we provide an environment focused on openness, inclusion, trust and respect. Here, you'll discover our expansive range of roles, and a workplace where we aim to help turn your passion into a rewarding profession.
Liberty Mutual has proudly been recognized as a Great Place to Work by Great Place to Work® US for the past several years. We were also selected as one of the 100 Best Places to Work in IT onIDG's Insider Pro and Computerworld's 2020 list. For many years running, we have been named by Forbes as one of America's Best Employers for Women and one of America's Best Employers for New Graduatesas well as one of America's Best Employers for Diversity. To learn more about our commitment to diversity and inclusion please visit: https://jobs.libertymutualgroup.com/diversity-inclusion
We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: https://LMI.co/Benefits
Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law.