SENIOR SYSTEMS ENGINEER – RED TEAM (REMOTE)
We have an opening for an individual contributor level for a role on our Red Team. The ideal candidate has some Red Team experience OR has a deep Blue Team (defender) understanding of multiple tech stacks that are commonly abused by adversaries.
You will partner with a team of remote, geographically distributed Red Team members, working on our private infrastructure and tooling while influencing the security posture of the world’s largest retail by conducting simulated breaches of our businesses across five continents. You will also learn from world-class Blue Team members who seek to detect, contain, and eradicate our access attempts, using our exercises as training for the real thing.
You may be a fit for our team...
If you know how the adversary and defender think about each other
If you grasp common adversary TTPs (Tactics, Techniques, and Procedures)
If you can chart a course from an initial access foothold, to an objective, and finally egress
If you can develop software in multiple languages
If you comprehend advanced phishing detections (reputation, categorization, sandboxes, EDR, etc.)
If you are calm under pressure and work well in real-time collaboration with teammates
If you want your job to get harder and the defender’s job to get easier
If you are permanently curious and never stop learning
You’ll make an impact by:
Discovering new gaps in our organization’s prevention & detection controls, and response processes
Executing scenarios and then working with stakeholders to reduce organizational risk
Presenting ground truth on the readiness of our businesses to withstand a breach
Influencing senior and executive leadership’s security investment decisions
Benefits & Perks:
Beyond competitive pay, you can receive incentive awards for your performance. Other great perks include 401(k) match, stock purchase plan, paid maternity and parental leave, PTO, multiple health plans, and much more.
About Global Walmart YOUR Team’s name: RED TEAM
The Red Team runs adversary simulation exercises to test the company’s detection controls and response procedures to highlight risk in our global technology platforms and businesses in an authentic, objective way.
Outlined below are the required minimum qualifications for this position. If none are listed, there are no minimum qualifications.As permitted by applicable law, provide evidence of full vaccination as defined by CDC guidelines OR secure approval of medical or religious accommodation for the vaccination mandate., Bachelor's degree in Information Technology, Computer Science or related field and 4 years' experience in information technology or related field within the past 10 years OR 7 years' experience in information technology or related field within the past 10 years.
Outlined below are the optional preferred qualifications for this position. If none are listed, there are no preferred qualifications.Certified Intrusion analyst (GCIAs), GIAC Certified Enterprise Defender (GCED), Certified Geographic Information Systems Professional (GISP), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), GIAC Security Essentials Certification (GSEC), Windows/Linux certification, and/or Security+ certification, Designing, leading, and implementing technology projects., Designing technical solutions in response to customer requests or changes, One of the following scripting/programming languages: Python, Perl, Powershell, VB Script, Ruby, PHP, Bash, C, C++, C#, or .Net, Production support, including problem identification, ticket documentation, and customer and vendor relations, Troubleshooting security infrastructure problems