BRG is an Equal Employment Opportunity/Affirmative Action Employer. All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status.
Position Title: Red Team Engineer, HAP Tech
Location: Remote-USA
Position Type: Full time
Requisition ID: JR100109
Description:
We do Consulting Differently
HAP Tech, a subgroup of BRG’s Healthcare Analytics practice (HAP), is one of the firm’s largest and fastest growing teams. This innovative group is currently looking for talented and dynamic professionals to join us as we continue to grow! HAP Tech supports and advises pharmaceutical manufacturers on how to navigate the challenges and complexities of the 340B program as well as other areas of the healthcare ecosystem. Our team is the established market leader in data and technology solutions for 340B-related issues and we support an impressive client base which includes the largest pharmaceutical manufacturers in the US as well as early-stage biotech companies. Beyond our syndicated solutions, we also integrate and synthesize data to deliver unparalleled analytics and insights into various aspects of the 340B program and the pharmaceutical supply chain.
The Red Team Engineer will simulate attacks against internally developed applications and infrastructure, using tools and techniques that are common in modern security breaches, to identify vulnerabilities and weakness to various sophisticated attacks, evaluate and continuously improve incident response capabilities, elevate security awareness throughout or organization, and demonstrate compliance across multiple security frameworks.
Responsibilities
- Design, develop, and execute red team engagements, penetration testing, and source code review engagements against a variety of web services and software.
- Conduct research into real-world threat actor tactics, techniques, and procedures to develop playbooks.
- Maintaining in-depth documentation and auditing of actions taken during Red Team operations to provide deconfliction and non-repudiation.
- Provide actionable long-term risk mitigation guidance.
- Partner with engineers and product teams in driving remediation of weaknesses identified in application security review engagements.
- Stay abreast of the latest cyber security threats, trends, and attack techniques; continuously improve our testing methodologies and tools.
- Document and present results to a variety of audiences, ranging from technical engineers over non-technical subject matter experts to executive leadership.
Qualifications:
- Minimum 3 years of experience in cybersecurity, or red team operations.
- Bachelor’s degree in information technology, related discipline, or relevant work experience
- Relevant Technical Security Certifications: Offensive Security (OSCP, OSEP, OSWA, OSWE), GIAC (GPEN, GWAPT, GCPN, CX-PT), Infosec (CCPT, CMWAPT, CRTOP), EC-Council (LPT Master), etc.
- Project management, cross-team coordination and driving organizational change.
- Experience with Adversary Emulation is required.
- Experience with C2 Infrastructure Experience is required.
- Experience with Adversary tactics, techniques, and procedures (TTPs) is required.
- 3+ years’ experience in the following areas:
- Network penetration testing and manipulation of network infrastructure
- Web application assessments
- Scripting or automation of simple tasks using Python, Ruby, Go, etc.
- Developing, extending, or modifying exploits, shellcode or exploit tools.
- Source code review for control flow and security flaws
- Bypassing preventative and detective security controls to accomplish operational goals.
Candidate must be able to submit verification of his/her legal right to work in the United States, without company sponsorship.
Salary Range: $100,000-$150,000 per year.
#LI-JQ1
#LI-Remote
About BRG
BRG combines world-leading academic credentials with world-tested business expertise purpose-built for agility and connectivity, which sets us apart—and gets you ahead.
At BRG, our top-tier professionals include specialist consultants, industry experts, renowned academics, and leading-edge data scientists. Together, they bring a diversity of proven real-world experience to economics, disputes, and investigations; corporate finance; and performance improvement services that address the most complex challenges for organizations across the globe.
Our unique structure nurtures the interdisciplinary relationships that give us the edge, laying the groundwork for more informed insights and more original, incisive thinking from diverse perspectives that, when paired with our global reach and resources, make us uniquely capable to address our clients’ challenges. We get results because we know how to apply our thinking to your world.
At BRG, we don’t just show you what’s possible. We’re built to help you make it happen.
BRG is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran status, ancestry, sexual orientation, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
Equal employment opportunity, including veterans and individuals with disabilities.
PI273528740
