TBG Security is seeking a Senior Information Security Consultant to join our professional consulting delivery team. TBG offers a fast pasted, independent work environment and the consulting delivery team is staffed by a dedicated group of information security evangelists that pride themselves on providing the very best services to our diverse customer base.
In this hands on senior consulting role, TBG is looking for a highly qualified individual to bring their expertise, leadership and knowledge to help our team grow and to help us service our numerous clients stretching across various verticals.
This role reports directly to the Security Programs Director. Your responsibilities may include but will not necessarily be limited to: leading network and application penetration testing engagements, managing Red Team engagements, providing technical and thought leadership for managed service customers, managing social engineering campaigns, security program development, and information security policy development. Along with billable consulting, this role will require strong soft skills. The candidate should possess excellent problem solving skills, customer service skills, solid report writing abilities and excellent organizational skills.
Key Responsibilities:
- Exhibit an extensive knowledge of modern offensive security techniques
- Conduct consulting engagements on-time and on budget
- Provide subject matter expertise to clients where necessary
- Write detailed and concise consulting reports
- Ability to write to both executive and technical audiences
- Ability to work independently, but comfortable working as part of a team
- Ability to work on the client’s schedule
- Show a solid knowledge of modern security frameworks, models and standards
- Provide pre-sales support and demonstrate the ability to properly scope technical engagements
Qualifications:
- 7-9 years of information security experience, with a minimum of 1-3 years’ of offensive security experience.
- Strong knowledge of offensive security tools and how to use them
- Strong knowledge of security products and how they fit into modern security models
- A solid understanding of TCP/IP and related higher-level protocols
- Strong understanding of common information security concepts such as defense in-depth, security trust models, complete mediation, security architecture design
- Knowledge of common security frameworks and standards such as NIST, PCI, ISO, etc.
- Experience conducting risk assessments and gap analysis’
- Understanding of web application technology and frameworks
- One or more information security professional certifications (GIAC, CISSP, CISA)
- Offensive security certifications are not necessary but are a plus (CEH, OSCP, OSCE, GPEN, etc)
- Ability to work independently
Desired Skills:
- Ability to use a scripting language, such as Python
Travel:
- Have the ability to travel 25% – 50% of the time
Interested? Send your cover letter and resume to [email protected] TBG Security is an equal opportunity employer and a drug-free work force.