National Grid Penetration Test and Red Teamer in Waltham, Massachusetts
_About the Position:_
The Cyber Test Team is part of the Cyber Intelligence & Analytics department within Digital Risk and Security, and supports the Global Cyber Security Operation by emulating threat actors and identifying threats posing a genuine risk to National Grid via red teaming activities that have been analyzed by Government and commercial intelligence providers. This information enables National Grid to proactively adjust its defensive posture.
As a Red Team member, you and the team will carry out manual penetration testing across a number of environments including web applications, network infrastructure and mobile platforms. In addition, you will lead the execution of red team exercises prioritized by cyber threat intelligence. The role will be primarily fulfilled by your understanding of information security, which should span networking, operating systems, and applications. This position will give you the opportunity to emulate sophisticated actors that pose a threat to a large energy company.
The systems being assessed go beyond typical enterprise technologies, and will allow you to employ complex problem solving and take on technical challenges, specific to critical national infrastructure. The findings from your assessments will feed into other teams within National Grid, to help drive an agile remediation process. If serving as a red team member and further developing your skills in offensive security excites you, please continue considering the position.
*Knowledge, Experience & Technical Know How**(including but not limited to): *
Experience performing network penetration testing and manipulation of network infrastructure, and mobile or web application assessments
Experience using open source tools for penetration testing which could include Nmap, Metasploit, Kali Linux, etc.
Experience in common programming languages such as Python, Ruby, Lua, Go, C, Powershell or Bash
Experience developing software and an understanding of applications under-the-hood
A good understanding of the OSI stack and the various protocols from layer 1 – 7, including: TCP/IP, IPv6, IPsec, DNS, SNMP, SMTP, HTTP/S, 802.11, etc.
Excellent communication skills with the ability to communicate at a technical level
Strong attention to detail with the ability to review the work of peers
Ability to document test findings to a high standard
Ability to manage and balance own time among multiple tasks.
Offensive Security Certified Professional (OSCP)
Certified Ethical Hacker (CEH)
Certified Information Systems Security Professional (CISSP)
Various SANS certifications, such as GPEN and GWAPT.
_Job Dimensions: _
Willing to work off hours or flexi time if there is a requirement
Ability to travel to different sites and potentially the UK.
_Qualifications Required:Formal certification in one of the following:_*
o CHECK Team Member
o CREST CERTIFIED Tester
o Cyber Scheme Team Member
o Tiger Scheme Team Member
o We might consider those with SANS GPEN and GWAPT
o College Degree in Computer Science or similar study
This position has a career path which provides for promotional opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills. *
/National Grid is an equal opportunity employer thatvaluesa broad diversity of talent, knowledge, experience and expertise. We foster a culture ofinclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to bean affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team./
Job: *IS DIgital Security & Risk
Organization: *IS Digital Security & Risk
Title: Penetration Test and Red Teamer
Requisition ID: 20182966