Southern Company Red Team Lead – Penetration Testing Team in Atlanta, Georgia
Red Team Lead – Penetration Testing Team
A leading U.S. energy company seeks an experienced IT security professional to join our internal Red Team in a leadership role. Our Red Team provides an offensive security mindset and hands-on penetration testing in support of our overall defense mission, security controls, policy decisions, and other special activities. Through deep technical expertise the team maintains awareness of industry-leading approaches to practical security and helps negotiate remediation activities with a diverse set of stakeholders. The candidate will develop and implement solutions that achieve adversary emulation with the aim to improve technology security throughout the organization, to include both IT and OT environments.
The technical lead will leverage his/her proven experience in penetration testing, red teaming, purple teaming, or cyber operations to lead an innovative team that seeks to assess the security posture of internal and external company resources that are not suitable for external penetration testing engagement. The position requires an established expert responsible for scoping engagements, presenting results, and working with stakeholders. He/she will continue to build methodologies, platforms, approaches, and documentation to mature capabilities in this technical domain. We require an experienced thought leader and continuous learner that is able to emulate the latest threat vectors and sophisticated attacks against computer systems and networks. By doing so, we protect our critical infrastructure and Southern’s ability to deliver on our promises to customers and shareholders.
Lead the day-to-day development of the team, including implementation of innovative processes, strategies, technologies, and operations
Perform a wide range of Red Team testing including network penetration, web and mobile application testing, operational technology (ICS/SCADA), source code reviews, threat analysis, wireless network assessments, social-engineering testing, and evasion techniques
Work with SIEM content developers to guide their creation of alerting and remediation deliverables
Communicate emerging technical cyber threats to other teams and stakeholders
Lead the implementation of workflows for red teaming
Provide operational and programmatic briefings to management, including pragmatic and risk-appropriate recommendations
Ensure that standard operating procedures are being created and followed by the team
Support the definition, monitoring, and reporting of effectiveness metrics on an ongoing basis
Provide thought leadership and establish the strategy for the team function
Travel is expected to be around 5-10%, but will vary based on individual preferences, current goals, and operational tempo
Must be able to obtain a US Government Clearance
BA/BS in computer science, technology, engineering or cyber security-related field or equivalent experience
Minimum of five (5) years of relevant professional security experience, or three (3) years with a Master’s degree
Experience with Red, Blue, or Purple teaming exercises
Broad knowledge of networking protocols (such as TCP, UDP, DNS, FTP, SMTP, DHCP, etc.) and experience performing network traffic analysis
Knowledge of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell
Four years of experience with at least two of the following:
Network penetration testing and manipulation of network infrastructure
Mobile and/or web application assessments
Email, phone, or physical social-engineering assessments
Shell scripting or automation of simple tasks using Perl, Python, or Ruby
Developing, extending, or modifying exploits, shell code or exploit tools
Source code review for control flow and security flaws
Independent thinker with strong analytical and problem-solving skills
Working knowledge of tools used for security testing such as Kali Linux, Metasploit, Burp Suite, Core Impact, Cobalt Strike, Nessus, WebInspect, and Scuba
Must be a continuous learner with a desire to stay current on security trends, tools, technologies and best practices.
Experience building and leading a red team in a corporate environment.
Understanding of attack signatures, tactics, techniques and procedures associated with advanced cyber threats
Understanding of common hosting environments such as containerization platforms (e.g., Docker and Kubernetes) and virtual machines running under hypervisors
Programming skills preferred and encouraged, as well as the ability to read and assess applications written in multiple languages, such as Java, .NET, C#, or others
Experience communicating with senior stakeholders inside and outside the company
Familiarity with global threats to the energy sector
Technical industry certification such as OSCP, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN
Southern Company (NYSE: SO) is America's premier energy company, with 44,000 megawatts of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving 9 million electric and gas utility customers through its subsidiaries. The company provides clean, safe, reliable and affordable energy through electric utilities in four states, natural gas distribution utilities in seven states, a competitive generation company serving wholesale customers across America and a nationally recognized provider of customized energy solutions, as well as fiber optics and wireless communications. Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average. Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity by DiversityInc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top utilities in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at www.southerncompany.com.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Field: Information Technology
Job Type: Standard
Primary Location: Georgia-Metro Atlanta-Atlanta
Operating Company: Southern Company Services
Travel (Up to...): Yes, 25 % of the Time
Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)
241 Ralph McGill Blvd. NE
Req ID: SCS2008103