Full Job Description
The Staff Cyber Security Researcher is responsible for delivering controlled threat simulation/Penetration testing services against company assets and products. Cyber Security Research includes threat research, structured attack development, vulnerability research and exploit development/testing, scripting, controlled exploitation of configuration weaknesses and software vulnerabilities, evasion of detection mechanisms and more.
Roles and Responsibilities
Leading and executing engagements; defining scope, coordinating attacks, executing tests and reporting findings, following an established methodology in accordance with defined processes
Conduct adversary simulation to determine if flaws and exposures can be exploited by unfriendly forces
Research, develop, implement, test and document tools, techniques and tactics used by adversaries to compromise and maintain control of information assets
Perform pen testing activities on new and existing Products/platforms
Actively mentor and develop Cyber Security Researchers
Coordinate with other teams in IT Risk in development of threat agent profiles
Participate in cross-team Task Forces to drive impact of Cyber Security Research findings as appropriate
Identify and execute projects to drive simplicity and impact of Cyber Security Research efforts
Maintain relationships with key partners from a technical operations perspective
Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math). A minimum 6 years of professional experience.
Legal authorization to work in the US is required.
Security certifications - OSCP, OSCE, GPEN, GXPN, GWAPT, GIAC certifications or equivalents.
Experience performing threat simulation or penetration testing engagements in an enterprise environment
Experience with the command line in Windows and/or Linux
Ability to rapidly find, assimilate and synthesize information in pursuit of attacks
Extreme resourcefulness with willingness to learn and teach how to characterize adversary tools and techniques, assess and test Company resources, and improve Company defenses
Demonstrated ability to compromise complex IT systems/applications in enterprise environments
Proven vulnerability analysis skills
Excellent communication skills including both verbal and written
Hardware / electronics experience
Expertise with Mobile Application Security assessments
Strong track record of understanding and interest in current and emerging technologies demonstrated through training, job experience and/or industry activities
Strong team player - collaborates well with others to solve problems and actively incorporates input from various sources
Demonstrated customer focus - evaluates decisions through the eyes of the customer and can build strong customer relationships
Change oriented - actively generates process improvements; supports and drives change, and confronts difficult circumstances in creative ways
Master’s degree in Business, Sciences or Information Technology
Prior experience working in a matrix environment
Prior experience doing Lean or Six Sigma Process improvement work
Prior experience working on developing and leading strategy definition
Prior experience managing IT operations and support
Capable contemporary leader with extensive team working abilities
Location: Houston, TX
Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.