Principal Consultant, Red Team (Unit 42)
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Palo Alto Networks is seeking a Principal Consultant for the Offensive Security team to lead Red and Purple team engagements. The role involves penetration testing, vulnerability assessment, and developing custom exploits.
Key Skills for This Role
Responsibilities
- Perform client penetration testing to find vulnerabilities or weaknesses that might be exploited by a malicious party.
- Assist in scoping engagements by articulating various penetration approaches and methodologies to technical and executive audiences.
- Generate reports that clearly communicate testing details, results, and remediation recommendations to clients.
- Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements.
- Conduct periodic scans of networks to find and detect vulnerabilities.
- Conduct IT application testing, cybersecurity tool and systems analysis, system and network administration.
- Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise.
- Conduct cloud penetration testing engagements to assess workloads in AWS, GCP, Azure, containers, or other PaaS/SaaS instances.
- Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems.
- Perform travel requirements as needed to meet business demands.
Requirements
- 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering, bespoke security assessments and exploit development
- Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT/OT)
- Deep understanding of how malicious software works (malware, trojans, rootkits, etc.)
- Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
- Strong knowledge of tools and techniques for network, wireless, and web application penetration testing
- Experience with scripting and programming using Perl, Python, Ruby, Bash, C/C++, C#, or Java
- Experience with security assessment tools including Nessus, OpenVAS, MobSF, Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, Empire
- Bachelor's Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent experience
- Hold industry leading certifications from OffSec (OSCE/OSCP/OSWP), CREST, GIAC (SANS)
Full Job Posting
Job Summary
- The Principal Consultant on the Offensive Security team is focused on assessing and challenging the security posture across a comprehensive portfolio of clients.
- The individual will have experience leading Red & Purple team engagements and will provide strong recommendations in this domain.
Your Impact
- Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open source, custom, and commercial testing tools Red Team experience essential.
- Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel.
- Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients.
- Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements.
- Conducts periodic scans of networks to find and detect vulnerabilities.
- Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support.
- Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs).
- Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances).
- Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems.
- Ability to perform travel requirements as needed to meet business demands.
Your Experience
- 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development.
- Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies.
- Demonstrate a deep understanding of how malicious software works (i.e. malware, trojans, rootkits, etc.).
- Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit.
- Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing.
- Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities.
- Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure).
- Experience with scripting and editing existing code and programming using one or more of the following Perl, Python, ruby, bash, C/C++, C#, or Java.
- Experience with security assessment tools, including Nessus, OpenVAS, MobSF Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire.
- Knowledge of application, database, and web server design and implementation.
- Knowledge of network vulnerability assessments, web and cloud application security testing, network penetration testing, red teaming, security operations, or 'hunt'.
- Knowledge of open security testing standards and projects, including OWASP & MITRE ATT&CK.
Our Mission
- At Palo Alto Networks, we are united by a shared mission to protect our digital way of life.
- We thrive at the intersection of innovation and impact, solving real world problems with cutting edge technology.
Additional Information
- This role is remote, but distance is no barrier to impact.
- This role can be hired for Riyadh, Remote or Dubai Remote.
- Is role eligible for Immigration Sponsorship? Yes.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Palo Alto Networks
Named Account Manager - Public Sector
Toronto, CAN
Palo Alto Networks is seeking a Named Account Manager for the Public Sector to drive sales engagements and revenue growth. You will develop strategic territory plans, build relationships with prospective customers, and o
Systems Engineer (Oman)
Dubai, UAE
Palo Alto Networks is seeking a Solutions Consultant (Systems Engineer) to provide technical leadership and expertise in customer security transformation journeys. The role involves meeting sales quotas, conducting disco
Systems Engineer (Oman)
Dubai, UAE
Palo Alto Networks is seeking a Solutions Consultant (Systems Engineer) to provide technical leadership and expertise in cybersecurity solutions for customers in Oman. The role involves driving sales, conducting technica
Territory Sales Manager
Montréal, CAN
Palo Alto Networks is hiring a Territory Sales Manager in Montreal to sell cybersecurity solutions through channel partners and drive revenue growth. The role requires experience in SaaS-based architectures, consultative
Solutions Engineer, DevOps - US West and Canada
Vancouver, CAN
Palo Alto Networks is seeking a Solutions Engineer for the DevOps team to act as a trusted technical advisor for machine identity security solutions. You will deliver product demonstrations, conduct POCs, and partner wit
Named Account Manager - Public Sector
Vancouver, CAN
Palo Alto Networks is hiring a Named Account Manager for the Public Sector to drive sales engagements and revenue growth. You will lead complex sales cycles, build relationships with prospective customers, and implement
Professional Services Staff Consultant
Riyadh, KSA
Palo Alto Networks seeks a Professional Services Staff Consultant to act as a lead technical authority for strategic Cortex XSIAM engagements. The role involves defining end-to-end SOC architecture and technical delivery
Service Delivery Leader
Riyadh, KSA
Palo Alto Networks seeks a Service Delivery Leader to manage the post-sales customer lifecycle, driving adoption and consumption of cybersecurity products. The role involves key account ownership, customer planning, and
Named Account Manager - Public Sector
Toronto, CAN
Systems Engineer (Oman)
Dubai, UAE
Systems Engineer (Oman)
Dubai, UAE
Territory Sales Manager
Montréal, CAN
Solutions Engineer, DevOps - US West and Canada
Vancouver, CAN
Named Account Manager - Public Sector
Vancouver, CAN
Professional Services Staff Consultant
Riyadh, KSA
Service Delivery Leader
Riyadh, KSA
