Consultant - Defensive Capability

| Remote
Sorry, this job was removed at 11:15 a.m. (PST) on Tuesday, August 16, 2022

SpecterOps is looking for mid-level to senior consultants to serve on the Adversary Detection team as analysts, detection engineers, and program developers. The Adversary Detection team serves in strategic advisory positions to mature our customers’ internal detection capabilities. They often perform independent assessments to determine the overall state of a customer's detection program or to proactively identify adversaries operating silently in a customer’s environment. Additionally, our consultants frequently support SpecterOps training offerings by developing course content and delivering training during public and private events.

A successful candidate will have excellent technical skills and impeccable soft skills, and will be a well-organized, self-directed individual.


Responsibilities:

  • Create evasion-resilient detections based on independent research alongside supporting resources, documentation, and automation
  • Evaluate existing detection content in client environments and make improvements as necessary
  • Evaluate the maturity of common security operations roles and functions, including: threat intelligence, threat hunting, detection engineering, SOC operations, incident response, and security engineering
  • Utilize common security tooling, including: EDR, SIEM, and live response tools
  • Utilize and provide guidance regarding common telemetry sources, including: EDR, Sysmon, Windows Event Logging, SIEM, WAF, IDS/IPS, cloud platforms (Azure, AWS, GCP), and others
  • Build scripts, tools, or methodologies to enhance investigation processes
  • Serve as a subject matter expert (SME) in one of the following areas: detection engineering, network, memory, and/or disk forensics, log analysis, malware triage, or reverse engineering
  • Effectively communicate successes and obstacles with fellow team members and team lead(s)
  • Interface with client contact(s) and staff in a constructive and professional manner
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Effectively communicate investigative findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
  • Assist with scoping prospective engagements, participating in investigations from kickoff through remediation, and mentoring less experienced staff
  • Contribute new or improve existing content for SpecterOps training courses and assist in the delivery of course offerings (instruction, student support, etc)


Requirements (All Positions):

  • Ability to travel domestically and internationally an average of 25% over the course of one year; this may include bursts up to 50%
  • Candidate must be authorized to work and reside in the United States; we do not currently sponsor immigration visas
  • Must be able to pass a criminal background check
  • Must have or be willing to obtain COVID-19 vaccination and provide documentation


As an Associate Consultant, your primary responsibility will be to learn. You will engage, participate, and contribute to the execution of a variety of services and projects. In doing so, you will actively develop a basic understanding of the SpecterOps Adversary Simulation service line and develop skills in one or more technical areas.

Desired Qualifications (Associate Consultant):

  • Foundational knowledge of defensive security concepts and assessments
  • Foundational knowledge of security principles, policies, and industry best practices
  • Working knowledge of Windows and *NIX-based operating systems
  • Working knowledge of networking concepts
  • Working knowledge of Active Directory
  • Working knowledge of programming or scripting languages, such as C#/.NET, C++, Python, PowerShell, Bash, etc
  • Aptitude for technical writing, including assessment reports, presentations and operating procedures
  • Strong written/verbal communication and interpersonal skills
  • Determination to better self and the overall information security community through research efforts and release through blog posts, conference talk delivery, open-source tool release, and white paper publication
  • Willingness to support delivery of public and private training offerings (e.g., providing lab support, fielding student questions, etc)
  • Ability to travel domestically and internationally an average of 25% over the course of one year; this may include bursts up to 50%
  • Candidate must be authorized to work and reside in the United States; we do not currently sponsor immigration visas
  • Must be able to pass a criminal background check
  • Must have or be willing to obtain COVID-19 vaccination and provide documentation


As a Consultant, you will independently contribute to significant services and projects. You will be responsible for the entire lifecycle of small to medium services and projects.

Desired Qualifications (Consultant):

  • Meets desired qualifications for an Associate Consultant, plus the following
  • Foundational knowledge of offensive security concepts and assessments
  • Working knowledge of common regulatory requirements and governance frameworks
  • Working knowledge of attacker techniques and commonly used offensive tools
  • Working knowledge of Windows and *NIX disk and memory forensics
  • Proficient with Windows and *NIX-based operating systems and related defensive controls
  • Proficient with networking concepts and related defensive controls
  • Proficient with Active Directory and related defensive controls
  • Proficient with defensive security concepts and assessments
  • Ability to lead small to medium sized services and projects
  • Ability to communicate effectively with customers, team members and upper management for project delivery
  • Ability to contribute to the majority of defensive service offerings (e.g., maturity assessment, compromise assessment, program development, etc) as part of a team for the full project lifecycle
  • Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy


As a Senior Consultant, you will be responsible for the entire lifecycle of significant services and projects.

Desired Qualifications (Senior Consultant):

  • Meets desired qualifications for a Consultant, plus the following
  • A clear expert in one or more service lines and/or technical areas
  • Ability to lead and execute the majority of defensive service offerings (e.g., maturity assessment, compromise assessment, program development, etc) 
  • Experience leading small teams and engagements
  • Experience managing multiple projects at once
  • Experience communicating with clients and delivering presentations
  • Experience independently managing client projects
  • Willingness to develop and deliver training content as a lead course instructor
  • Willingness to mentor and train fellow consultants


Nice to Haves:

  • Bachelor's degree in a technical field
  • Experience participating in and/or leading Fortune 1000 and/or large Federal Government security assessments
  • Public community contributions (e.g., conference presentations, blog posts, white papers, public tool development)
  • Experience in administering, attacking, or defending Windows/Active Directory, Linux, and/or macOS environments
  • Experience working in a Security Operations Center (SOC) environment
  • Experience in technical writing
  • Experience working for a service-based information security consultancy
  • Experience in malware analysis and reverse engineering
  • Experience in executing offensive techniques (red teaming, pentesting, etc)
  • Experience documenting detections via the Alerting and Detection Strategy framework
  • Experience developing and/or providing technical training
  • Desire to teach and train students in defensive techniques
  • Desire to travel internationally and domestically on a more frequent basis (more than 50%)


Benefits:

  • Health/Dental/Vision: 100% covered for employee and family
  • Life insurance: 100% covered
  • 401(k): up to 4% match
  • Flexible paid leave
  • Flexible work schedule
  • $225 monthly internet and cell phone stipend
  • $1,000 annual technology / marketing budget
  • $5,000 annual training/conference budget


Salary (varies based on experience):

  • Associate Consultant - 90k - 125k
  • Consultant - 120k - 150k
  • Senior Consultant - 135k - 170k




Location

307 3rd Ave, Seattle, WA 98104
