Consultant

at SpecterOps
  • $90k-$160k
  • Remote - United States

Remote

Business

Mid-level

Job description

SpecterOps is looking for a Senior Offensive Security Consultant to work on the Consulting Services team as operators, trainers, and program developers. The Adversary Simulation service line primarily works in large commercial enterprises conducting offensive assessment services (red team assessments, penetration tests, defensive capability tests, and specialty security assessments), supporting internal offensive programs, delivering training courses, and supporting research and development efforts. Our consultants work both onsite and offsite in diverse environments supporting our customers, anywhere from developing toolsets in support of operations to briefing executives.

A successful candidate will have excellent technical skills, impeccable soft skills, and be a well-organized, self-directed individual.

Salary Range: Base salary annually, commensurate with experience.

  • Associate Consultant - $90,000 - $120,000
  • Consultant - $120,000 - $140,000
  • Senior Consultant - $140,000 - $160,000

Location: This position is remote, based in the U.S. with optional travel quarterly for in person company events and other ad hoc meetings.

  • Candidate must be authorized to work and reside in the United States; we do not currently sponsor immigration visas

Responsibilities

  • Plan and conduct offensive engagements ranging in size, scope, focus, and approach
  • Effectively communicate findings, attack paths, and recommendations, and strategy to technical and executive client stakeholders through written reports and verbal presentations
  • Build scripts, tools, or methodologies to enhance offensive services
  • Serve as a subject matter expert (SME) in one of the following areas: initial access, intelligence analysis, adversary tradecraft, offensive Windows/Nix/macOS operations, evasion operations, or technical capability development
  • Utilize common offensive security testing tools and tradecraft
  • Stay up to date with cutting-edge adversary tradecraft and vulnerabilities
  • Effectively communicate successes and obstacles with fellow team members and team lead(s)
  • Interface with client contact(s) and staff in a constructive and professional manner
  • Coordinate and prepare for internal and customer facing meetings
  • Assist with scoping prospective engagements, participating in technical testing from kickoff through remediation, and mentoring less experienced staff
  • Train team members in adversary Tactics, Techniques, and Procedures (TTPs) and tools
  • Contribute new or improve existing content for SpecterOps training courses and assist in the delivery of course offerings (instruction, lab support, etc)

Requirements (All Positions)

  • Ability to travel domestically and internationally; up to an average of 25% annually
  • Must be able to pass a criminal background check
  • Desire to embody our core values of passionate curiosity, consistent improvement, empathy, sustainability, humility, and empowerment through transparency

Associate Consultant:

As an Associate Consultant, your primarily responsibility will be to learn. You will engage, participate, and contribute to the execution of a variety of services and projects. In doing so, you will actively develop a basic understanding of the SpecterOps Adversary Simulation service line and develop skills in one or more technical areas.

Desired Qualifications:

  • Foundational knowledge of offensive security concepts and assessments
  • Foundational knowledge of security principles, policies, and industry best practices
  • Working knowledge of Windows and *NIX-based operating systems
  • Working knowledge of networking concepts
  • Working knowledge of Active Directory
  • Working knowledge of programming or scripting languages, such as C#/.NET, C++, Python, PowerShell, Bash, etc
  • Aptitude for technical writing, including assessment reports, presentations and operating procedures
  • Strong written/verbal communication and interpersonal skills
  • Determination to better self and the overall information security community through research efforts and release through blog posts, conference talk delivery, open-source tool release, and white paper publication
  • Willingness to support delivery of public and private training offerings (e.g., providing lab support, fielding student questions, etc)

Consultant: As a Consultant, you will independently contribute to significant services and projects. You will be responsible for the entire lifecycle of small to medium-size services and projects.

Desired Qualifications- Must meet the desired qualifications for an Associate Consultant, plus the following:

  • Foundational knowledge of defensive security concepts and assessments
  • Working knowledge of offensive security concepts and assessments
  • Working knowledge of common regulatory requirements and governance frameworks
  • Proficient with Windows and *NIX-based operating systems and related offensive techniques
  • Proficient with networking concepts and related offensive techniques
  • Proficient with Active Directory and related offensive techniques
  • Ability to lead small to medium sized services and projects
  • Ability to communicate effectively with customers, team members and upper management for project delivery
  • Ability to contribute to the majority of offensive security service offerings (e.g., red team, penetration test, web application security assessment, cloud security assessment, defensive capability test, etc) as part of a team for the full project lifecycle
  • Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy

Senior Consultant: As a Senior Consultant, you will be responsible for the entire lifecycle of significant services and projects.

Desired Qualifications - Must meet the desired qualifications for a Consultant, plus the following:

  • A clear expert in one or more service lines and/or technical areas
  • Ability to lead and execute majority of offensive security service offerings (e.g., red team, penetration test, web application security assessment, cloud security assessment, defensive capability test, etc)
  • Experience leading small teams and engagements
  • Experience managing multiple projects at once
  • Experience communicating with clients and delivering presentations
  • Experience independently managing client projects
  • Willingness to develop and deliver training content as a lead course instructor
  • Willingness to mentor and train fellow consultants

Nice to Haves (All Positions)

  • Bachelor’s degree in a technical field
  • Experience participating in and/or leading Fortune 1000 and/or large Federal Government security assessments
  • Public community contributions (e.g., conference presentations, blog posts, white papers, public tool development)
  • Experience in administering, attacking, or defending Windows/Active Directory, Linux, and/or macOS environments
  • Experience in technical writing
  • Experience working for a service-based information security consultancy
  • Experience developing and/or providing technical training
  • Desire to teach and train students in offensive techniques
  • Desire to travel internationally and domestically on a more frequent basis

What We Offer

  • Health/Dental/Vision/life insurance: 100% covered for both the employee and their family
  • Flexible time off policy
  • 13 paid holidays annually
  • 401(k) with up to 4% company match
  • Equity and quarterly bonuses based on company performance
  • Remote work: $1,500 first year allowance to set up home office
  • $500 annual home office allowance after first year
  • $150 monthly cell phone and internet reimbursement
  • $5,000 annual professional development allowance
  • $5,250 towards continuing education or student loan repayment
  • $1,200 annual budget for lifestyle, wellness, pet insurance and more
  • A one-time $10,000 benefit towards family planning
  • Open intellectual property policies; allow researchers to retain rights over open-sourced research & tools
  • In person and virtual employee events throughout the year
  • And of course, company swag!

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. To request reasonable accommodations, please contact us at [email protected]

Unsolicited resumes are not accepted

#LI-REMOTE

Share this job:
Please let SpecterOps know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at SpecterOps

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply