Red Team Lead

Senior-level, highly technical position supporting Information Security and Cyber Threat Management programs. This specialized expert handles and directs complex and multifaceted information security investigations.

Required Experience:

5

+ Years
Job Locations:

Dallas, TX

Location Restrictions:

Onsite

Basic Qualifications and
Responsibilities

      • Perform comprehensive, cyber security engagements on all attack surfaces, from the office to the Cloud, while avoiding detection
      • Manually assess the security posture of our Extension, Web and Mobile clients
      • Evaluate and leverage automated tools that perform security assessments
      • Evaluate the security posture of third-party integrations and partnerships
      • Translate red team engagement findings into actionable items for both technical and executive audiences
      • Create POC's for vulnerabilities found in Kimberly Clark
      • Create technically flexible remediation strategies for vulnerabilities
      • Work with the security development team to automate security assessments
      • Research previously unknown vulnerabilities in Kimberly Clark's infrastructure
      • Lead threat modeling and tabletop exercises
      • Evaluate and contribute to Kimberly Clark's overall security strategy

Secondary responsibilities will include:

      • Assist with forensics, incident response and reverse engineering
      • Deploy security assessment and monitoring tools
      • Lead secure code trainings
      • Integrate security tools in the CI/CD and SDLC processes
      • Develop and/or extend scripts to enhance Kimberly Clark's security assessment tools and processes
      • Assist with the Security Operations Center

Required Skills and Experience
  • 3+ years of Red Team experience
  • 5+ years hands on experience with Metasploit AND Kali Linux
  • Possess a high level of proficiency in web, browser and mobile security
  • Possess a high level of proficiency in the penetration testing process
  • Strong understanding of system and application vulnerability classes
  • Well-rounded knowledge in security tools, software and processes
  • Knowledge in identity access, access control, network/host intrusion detection, intrusion prevention and patch management tools
  • Knowledge of Cloud, Containers and Container Orchestration tools
  • Proficiency in one or more scripting languages: Perl, Python, Powershell, Ruby, etc
  • Knowledge of regulatory security frameworks
  • Ability to write clearly and concisely for both technical and executive audiences
  • Bachelors Degree (preferred)
Interested in this position?
Fill out the form below!