This job is part of WWT's Strategic Resourcing services. The candidate will support a WWT customer and be employed by one of WWT's preferred partners.
Why WWT?
At World Wide Technology, we work together to make a new world happen. Our important work benefits our clients and partners as much as it does our people and communities across the globe. WWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for All. We achieve this through our world-class culture, generous benefits, and by delivering cutting-edge technology solutions for our clients.
WWT was founded in 1990 in St. Louis, Missouri. We employ more than 10,000 people globally and closed nearly $20 billion in revenue in 2023. We have an inclusive culture and believe our core values are the key to company and employee success. WWT is proud to have been included on the FORTUNE "100 Best Places to Work For®" list 12 years in a row!
Job Title: Sr Offensive Security Analyst - Special Ops
Location: Onsite, Spring, TX (Greater Houston)
Duration: 6 months CTH
Job Description:
This role provides offensive cybersecurity expertise within the organization, leading the most complex and high-stakes security initiatives. You will bring advanced technical skills, strategic vision, and leadership by leveraging offensive security skills to make the defense better. You will spearhead the development of innovative offensive security strategies, mentor the cybersecurity team, and play a crucial role in enhancing the organization's overall cybersecurity posture through the creation of novel countermeasures. You will help create an offensive team conducting adversary simulations, reversing malware, finding zero days, and, through all of that, making the blue team better.
You are well-versed in the TTPs of advanced threat actors and possess great technical skills to assess our defense holistically. You are equally an expert in advancements in cyber defense and in deploying new and novel approaches to prevent attackers from compromising CLIENT. You are a great coach and mentor, and you are passionate about using your offensive security skills to improve the entire security program.
You are an expert in offensive and defensive cyber operations, with demonstrated expertise in 3 or more of the listed domains.
Penetration Testing and Adversary Simulation:
Reverse Engineering
Exploit Development and identify zero-days
Advanced Threat Hunting
Detection Engineering
You will be responsible for
Utilizing expertise in offensive and defensive cyber operations across multiple domains to safeguard organizational systems.
Conducting penetration testing and adversary simulations to identify vulnerabilities in the network, applications, and infrastructure. Among other things, you will help test incident response processes and collaborate with defenders to address gaps and provide mitigation recommendations.
Analyzing and dissecting malware and code in general as a reverse engineer to uncover hidden functionalities and vulnerabilities, enhance detection, and improve response capabilities against advanced threats.
Designing and implementing cryptographic protocols, assessing cryptographic practices, and recommending solutions to secure sensitive information. You will also devise countermeasures against emerging threats like quantum computing.
Researching and developing exploits for zero-day vulnerabilities, conducting deep technical analysis, and providing proof-of-concept exploits and defensive measures to help organizations mitigate associated risks.
Proactively hunting for advanced threats by analyzing security telemetry, identifying attacker tactics, techniques, and procedures, and investigating complex incidents to strengthen the organization's security posture.
Education & Experience Requirements
Master's degree in Cybersecurity, Computer Science, Information Technology, equivalent experience.
Proven track record of finding zero days or novel defensive approaches with industry visibility.
7+ years of experience in cybersecurity, with a significant focus on offensive security, red teaming, reverse engineering and cyber defense,
Proven experience leading large-scale, complex offensive security operations and managing advanced threat simulations.
Certifications Desired: Offensive Security Certified Expert or Professional (OSCE and OSCP), GIAC Reverse Engineering Malware (GREM), Certified Red Team Professional (CRTP), or equivalent.