Stratascale Security Consultant - Offensive Security

Stratascale is seeking a Consultant who will serve as a subject matter expert in supporting and delivering practice focused solutions to our customers. This role will participate in the Security Intelligence practice’s security research efforts which will bolster the existing services being delivered today and help shape future services to ensure we are developing and delivering cutting edge solutions to our list of strategic customers.  This role will also serve as a mentor and leader to other consultants within the practice discipline.

This role will report to the Practice Manager of Security Intelligence within Stratascale.

This position is remote with a Home Office setup as determined by Stratascale management. 

Stratascale, an SHI company, brings together the benefits of 31 years' experience delivering the very best technologies with a fresh consultative approach to designing, delivering and supporting the technology our customers need to transform their business. We call it Digital Agility.

 To learn more about Stratascale visit our website: https://stratascale.com/ 

Includes, but not limited to:

• Provide subject matter expertise on Offensive Security specific products and services to help customers achieve desired security outcomes through services such as: Adversarial Red Team Assessments, Social Engineering, Vulnerability Assessments, penetration tests, attack surface discovery, and security validation testing.
• Carry out application & network testing of client environments to expose weaknesses in security
  • Black/white/gray box testing
  • Manual testing
  • Automated testing
• Plan, create and execute penetration attack methods, scripts, and tests using the current polices and process
• Simulate security breaches to test a system's relative security
• Proactively identify customer needs and requirements through data, customer engagement and other methods to recommend appropriate solutions and service opportunities
• Proactively identify customer needs/requirements through data, customer engagement and other methods to recommend appropriate solutions and services opportunities
• Stay educated on new product technology, tangential team capabilities, and other specific offerings or programs emerging within our company and within the practice industry
• Identify areas for continued advancement of strategies aligned with Industry direction, client need, practice scope and present solutions to leadership
• Execute consulting projects by creating deliverables, completing project deliverables successfully, and ensuring client needs and practice obligations are met successfully
• Participate in the development of cross practice training or delegate trainings to team members on practice discipline capability, associated offerings, industry positioning and selling strategies
• Serve as a subject matter expert in designing, architecting, and delivering solutions

• Bachelor’s Degree or equivalent experience
• Minimum 3+ years client-facing experience working on complex security engineering-based projects and solutions services
• Experience managing complex solutions delivery on time and successfully
• Experience managing and reporting on multiple service delivery opportunities and ongoing projects
• Strong fundamental understanding of technical security solutions and how they address customer risk exposure and solve key use cases
• Proven understanding of security services engagements, service team management
• Strong knowledge of offensive security tactics, techniques, and procedures

• Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with a focus on recommendations for enhancements or remediation.
• Proficient in coding in one of more languages (e.g. Python, Bash, Java, C++, PowerShell)
• Overall knowledge of the Software Development Life Cycle
• Strong understanding of infrastructure/cloud architecture and security testing approaches. This will include using tools, manual testing, and various testing techniques.
• Ability to independently conduct and lead security assessments
• Understand complex computer systems and technical cyber security terms as well as their applications
• Ability to engage and discuss technical and non-technical concepts and explain complex problems with a wide array of customer audience types including C-Suite, VP/Director, Architect, Engineer and Analyst resources
• Emotional intelligence, flexible work style, and excellent diplomatic skills across all levels of the organization
• Problem solving skills with the ability to serve as an escalation point and knowledgeable resource and direct resolution while accessing circumstances and current information to make informed and best decision
• Ability to clearly define roles and responsibilities, establish short-and long- term goals, use open and supportive communication, and collaboratively solving problems

Certifications below are preferred but not required:

• Industry certifications:
  • CISSP
  • CISM / CISA / CRISC
  • GIAC (GSEC)
  • OSCP
  • OSWP
  • OSCE/OSEE/OSWE/OSEP/CEH

• Attend virtual customer meetings when appropriate
• Travel to customer sites, partner sites, conferences, and Stratascale offices up to 25% annually

• The estimated annual pay range for this position is $110,000 - $145,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending.
• Equal Employment Opportunity – M/F/Disability/Protected Veteran Status