Principal Security Consultant

3 weeks ago


Washington, Washington, D.C., United States Nettitude Full time

About Nettitude

Nettitude is an award-winning provider of Cyber Security and Assurance, Incident Response and Technology services to organizations across the world.

We are at a very exciting stage, both for our company and in the Cyber Security marketplace.

We are looking for the right people to join us as we embrace the challenges thrown up by the advancements within the IT industry and within the threats faced.

Nettitude is at the forefront of this arena and we want to seek the right people to join the team and make it happen.

Find out more about Nettitude at

The Role

We have a dedicated Red Team within our business and due to continued growth we are hiring a Principal Security Consultant to be part of our Red Team.

In this role you will be expected to operate multiple engagements at once, orchestrating and supporting your team to deliver on agreed objectives.

You will be expected to work in challenging environments and deliver under pressure, while maintaining good working relationships with customers.

The role focuses on a high level of competence in technical delivery, and it also requires an equally high level of aptitude for consultancy and management, influence, and presentation skills.

As a Principal Security Consultant – Red Team, you will be required to manage and mentor people while working with and debriefing executive teams, company boards, or regulators such as the Bank of England (BoE) and Financial Conduct Authority (FCA).

Key Responsibilities

  • Plan and execute complex Red and Purple team engagements, Penetration tests and Social Engineering Assessments.
  • Take ownership for continued improvement of both the reporting templates and the mentorship of others not achieving high quality reports.
  • Deliver both technical and management debriefs, up to executive level.
  • Support, contribute to and deliver a number of Nettitude training programmes, namely Nettitude's Red Team training course, delivered privately and at conferences.
  • Maintain a good working knowledge of Blue team tactics/capabilities, specific to people, processes and technologies. Support and deliver Detection and Response (DRA) assessments and reports where necessary.
  • Maintain a good working knowledge of threat actors and their Tactics, Techniques and Procedures (TTPs).
  • Assist Project Delivery in planning and arranging Red team activities, assigning personnel and managing workloads.
  • Co-ordinate delivery of Red Team risk workshops, Threat Intelligence handover and project setup meetings with customers.
  • Create robust and coherent test plans, or provide quality assurance of any test plans.
  • Support the Global Red Team operation by being able to travel both domestically and internationally, while operating in multiple time zones where necessary.
  • Maintain a proficient knowledge of regulatory frameworks, laws and their legal implications, operational security and its impacts on the team.
  • Carry out or support technical research that increases Nettitude's delivery capability and industry awareness.
  • Support the sales team in procurement of red team services, responding to RFPs and other proposals.
  • Onsite presentation of red team service to executive level audiences.
  • Provide regular training to the sales team to improve their knowledge of the red team service and current terminology.
  • Create high quality and thorough technical and management reports, which are appropriately directed to their intended audience.
  • Provide Quality Assurance services, confirming either the relevant technical or management quality, as well as the report being coherent and written to a high standard.
  • Coach and mentor Red Team members, providing support to all aspects of the job, technical, procedural and social.
  • Maintain and abide by the Red Team methodology and supporting documentation/processes. This includes leading change where deemed necessary, and continuing to improve the service.
  • Create tools and procedures to assist in improving process, continuity and business growth.
  • Drive internal initiatives through both request and observation, specific to improving the Red Team service or Nettitude's commercial presence.
  • Demonstrate strong leadership, managing a team of testers, assigning workload and utilizing the different skillsets to achieve objectives.
  • Maintain a focus on client objectives and have the ability to manage time and client expectations.
  • Help maintain and further develop the Nettitude brand reputation across the industry; this could be in the form of training, workshops, conference talks or blogs.

Requirements

  • Demonstrable strong technical, social and presentation skills.
  • Demonstrate strong influence, negotiation and relationship management skills.
  • Demonstrable strong written and speaking English skills.
  • Demonstrable strong analytical/problem solving skills.
  • Demonstrable strong ability to lead, teach, present and inspire the wider team.
  • High proficiency with multiple C2 frameworks and capable of modifying or creating tooling to overcome technical challenges.
  • CREST CCSAM, CCSAS or equivalent level of IT Security related certification/knowledge.
  • Ability to work and deliver under pressure in a worldwide organisation.
  • Knowledge and experience in scripting or programming languages (e.g. Python, Perl, Ruby, PowerShell, C, C#, Java) in order to develop custom scripts or tools.
  • Knowledge of adversary tactics against Apple-heavy environments.
  • SC and DV level clearances (UK).
  • Understanding of the global regulatory landscape for technology and cyber risk; experience in any of the common regulated frameworks (such as CBEST, GBEST, GCASE, TBEST, TIBER-EU, C-RAF iCAST, AASE, TIBER-FI, CORIE, FEER).
  • Conducting threat modelling.
  • Experience of defining strategies, methodologies, processes and procedures required to create a successful security strategy.

What We Offer

We offer an exciting working environment with intellectual challenges, responsibility and high level of client interaction. An attractive remuneration package will be negotiated with the right candidate.

The role provides a platform to work as part of a team simulating highly advanced attacks against enterprise businesses globally, using sophisticated tooling developed internally such as Photon (in-house C2) and PoshC2 Public and Private (Nettitude also develops an internal private version).

To maintain the high standards of delivery, consultants will also be given research and development time to build new tooling and spend time in our lab environment testing against a number of EDR solutions.

This opportunity along with the work that we do provides a chance to make a real difference and help businesses better defend themselves from future attacks.

So if you're the kind of person who loves deep technical challenges and a fantastic work environment, we welcome your interest.

Please do visit our website to understand more about how we develop our people, work on cutting edge engagements and offer multiple career progression paths.


