job summary:

This technology company is seeking a fully remote Lead Information Security Engineer - Offensive Security who will be responsible for the planning, design, implementation, and validation of innovative security solutions that will continually mature their security detect & respond capabilities. The Lead engineer will lead the generation and deployment of automated attack and validation solutions utilizing the MITRE ATT&CK framework. They will be responsible for the development and success of the threat intelligence and threat hunting capabilities. The Lead engineer will also own the overall strategy, process, and technology improvements and excellence in the Offensive Security function.

Requirements:

- Proven experience with attack and penetration (A&P) techniques and tools. This Lead engineer will not just be an executor.
- Working knowledge of alerting and reporting systems including SIEM technologies. They are a Mandiant/Trellix shop but need engineers who are also tool agnostic. On the Endpoint and SIEM side, this security team works within HX/Helix.
- Proficiency with syslog reporting, parsing, and forwarding technologies.
- Experience with configuring and operating Microsoft and Linux operating systems for both desktop and server systems.
- Practical experience with programming languages (C#, Python, PowerShell, Bash, SQL, etc.).
- Ability to efficiently troubleshoot and resolve technical issues. Constantly testing the environment for capabilities and gaps requires collaboration across the entire team, so this engineer needs to deliver real-time, creative solutions, as opposed to someone coming in to serve a function.
- Ability to communicate and collaborate effectively across teams inside and outside of the Information Security group.
- Demonstrate a solid sense of ownership and ability to drive the solution of a problem from end to end.
- Apply creative, enthusiastic, and "out-of-box" approaches to solving information security problems while balancing the business's needs.
- Exhibit excellent verbal and written communication skills, including describing or explaining complex processes and issues in a concise manner.

Preferred Requirements:

- Experience with automated attack testing solutions and technologies (e.g., Atomic Red Team, Security validation, XMCyber, etc.).
- Experience with threat intelligence technologies and investigations.
- Extensive knowledge of cloud-based technologies including Azure, Office 365, etc.
- Extensive working knowledge of DNS, DHCP, and network security protocols.
- Extensive working knowledge of IPS / IDS / Next-Generation Firewalls.
- OSCP (IDEAL TO HAVE because this cert proves their embedded technical skills), CISM, CISSP, PCIP, ISA, GWAPT, GPEN or equivalent certifications preferred.

location: Atlanta, Georgia

job type: Permanent

salary: $117,000 - 148,000 per year

work hours: 9am to 5pm

education: Bachelors

responsibilities:

- Collaborate with the CIRT team to improve detection and response utilizing the "Attack-based Defense" (security control validation) capability.
- Develop an Attack and Pen (A&P) program that will encompass both regular and ad hoc penetration tests, support third party vendors that will conduct larger scoped penetration tests or red team assessments, deploy and maintain red team infrastructure, and aid in the development of junior analysts in A&P operations.
- Assist with the development of a threat hunting program, from policies and procedures to deploying threat hunting tool sets, to threat hunting infrastructure.
- Drive the integration of threat intelligence data sources to enrich the Cyber Incident Response (CIRT) team functions across Aaron's enterprise network.
- Assist CIRT operations engineers in advanced threat analysis and investigations in the event of a security event.
- Continually monitor the security industry for attack trends and ensure those trends are handled in our automated testing solutions.
- Automate processes for remediating and maintaining security controls.
- Recognize and identify potential areas where existing data security policies and procedures require change, or where new ones need to be developed.
- Serve as a technical mentor and subject matter expert for the Information Security Department.

qualifications:

- Experience level: Experienced
- Minimum 5 years of experience
- Education: Bachelors (required)

skills:

- Attack and Penetration
- Threat Intelligence
- OSCP Certification
- SIEM
- IPS
- IDS
- DNS
- CEH (Certified Ethical Hackers)/PenTest

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

For certain assignments, Covid-19 vaccination and/or testing may be required by Randstad's client or applicable federal mandate, subject to approved medical or religious accommodations. Carefully review the job posting for details on vaccine/testing requirements or ask your Randstad representative for more information.