Skip to main content

Manager, Threat Emulation Services

White Oak Security seeks a Threat Emulation Services manager to mature, lead and deliver the firm’s service offerings around system-wide views of threat-driven risks and applying them to the testing of systems and services that the firm delivers.

The focus of the team will be to determine where vulnerabilities may exist within the people, processes, and technology that enable the firm, and then partner with system and service owners to assist in remediation and mitigation activities and the development of defensive controls.

The successful candidate will have a proven track record of leading advanced network exploitation operations and application penetration tests, delivering technical leadership for an offensive security team, and executing tactical, offensive assessments.

CULTURE

At White Oak Security, we love what we do, and we want to provide a place where talented professionals can thrive.

Our people are our first priority. We want our employees and their families to be happy — this has allowed us to bring together the best talent and drives everything we do.

We enjoy a caring and happy culture where people feel valued. It’s important that our team members enjoy what they do and have the curiosity to keep learning.

Our team values true depth of knowledge which translates into quality. We believe in delivering comprehensive solutions and actionable reports.

We want to do the right thing and offer services that do the most good. Our clients want someone they can trust with their sensitive data and who will support them through anything.

RESPONSIBILITIES

  • Lead White Oak Security penetration testing projects, attending kick-off and read-out calls, and providing tester support throughout engagements.
  • Lead Threat Emulation and Penetration Testing team members for White Oak Security, maximizing the efforts and satisfaction of all Threat Emulation Services team members.
  • Mature the program and methodology that shapes how White Oak Security approaches Threat Emulation, to include defining the rules and parameters for ethical hacking of systems, software, and networks to identify and mitigate potential vulnerabilities.
  • Set direction and oversee the performance of penetration tests and Threat Emulation simulations on targets across all White Oak Security partners and customers
  • Act as a client’s primary program contact for projects delivered by White Oak’s Threat Emulation team.
  • Participate and contribute to White Oak’s social media presence on various platforms.
  • Assist with report and other deliverable quality assurance by reviewing reports and developing custom report templates when necessary.

REQUIREMENTS

  • Bachelor’s degree or equivalent in Computer Engineering, Computer Science, or a related field of study or at least 3 years of progressively responsible experience performing network and application security assessments and/or Cyber Red Team operations.
  • Prior experience should include: performing application and network penetration tests, vulnerability assessments, infrastructure security reviews for web applications and their supporting network infrastructure, and red team assessments that have tested security processes and controls.
  • Work collaboratively with a variety of internal and external stakeholders (security consultants, project managers, service managers, development teams, technical SME’s, vendors) to deliver high quality assessments.
    • Strong understanding of and experience with:
    • Networking fundamentals (all OSI layers, protocols, etc.)
    • Windows/Linux/Unix operating systems
    • Operating system and software vulnerabilities and exploitation techniques
    • Web and mobile application vulnerabilities and exploitation techniques
    • Malware packing, obfuscation, persistence, exfiltration techniques
    • Security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP amongst others
    • Commercial or open-source offensive security tools for reconnaissance, scanning, exploitation, and post-exploitation (e.g., Nmap, Nessus, Metasploit, Burp Suite, etc.)
    • Project Management
  • Demonstrated leader with team-oriented interpersonal skills, with the ability to interface effectively with upper management, IT leadership, and technology vendors.
  • Develop and implement processes and/or tools that assist with execution of security assessments, including custom tools and automation
  • Ability to collaborate and build positive relationships across multiple stakeholders
  • Agile thinking and analysis that leads to win-win and innovative solutions
  • Strong written and verbal communication skills.
  • Calmness and clarity of thought under pressure and ability to maintain confidentiality.
  • Ability to prepare and present project ideas and proposals to senior management
  • Understanding of financial sector, or other large organization, security, and IT infrastructures
  • Willingness to work non-standard hours, if necessary 
  • Oral & written communication skills

BENEFITS

  • Top-tier Health Benefits
  • 401k + Match
  • Profit Sharing (after 12 months)
  • Training / Conference Budget
  • Flexible Work Schedule
  • Remote Culture

PRIMARY LOCATION

Remote (Americas – United States of America)

TRAVEL

Depends on project requirements

Contact Us