Palo Alto Networks

Technical Consulting Director

Palo Alto Networks

full-time

Posted on:

Location Type: Remote

Location: Remote • 🇸🇬 Singapore

Visit company website
AI Apply
Apply

Job Level

Lead

Tech Stack

AWSAzureCloudCyber SecurityGoogle Cloud PlatformJavaScriptLinuxMacOSPython

About the role

  • Lead red and purple team assessments, assumed breach assessments (red team engagements with a pre-deployed implant), ransomware resilience assessment (assessing susceptibly to modern ransomware threats) and social-engineering assessments.
  • Deep technical expertise within three or more of the following subjects Artificial intelligence, Telecommunications infrastructure, Cloud, Devops, and Application security, Operating systems (Windows, Linux, and macOS), Active directory, Entra ID Hybrid-Identity related attacks, or Exploit & malware development.
  • Leads service line improvements and capability development - tooling and automation and improves methodologies to streamline internal processes and engagements
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Lead scoping and services overview conversations with clients for prospective engagements in area of expertise, presenting with credibility and authority, clearly articulating various testing approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Determines processes and procedures to be followed on assignments - On large and complex engagements, leads technical workstreams with guidance and oversight as required
  • Leads communications with clients on engagements, including highly technical matters, ensuring client inquiries are responded to promptly
  • Leads multi-staged engagements through to completion, manages engagement economics to deliver projects on time and on budget and uphold high standards of quality.
  • Mentors new team members and leads by example, demonstrating technical skills and procedures during engagements - delegates tasks and provides feedback to empower team members to produce high-quality results.
  • Travel as needed to meet business demands (up-to 30%, International within JAPAC)

Requirements

  • 12+ years of professional experience with cyber security tools, technologies, and methods focused on Red/Purple Teaming.
  • Clarify understanding of how malicious software works (i.e.malware, trojans, rootkits, etc.)
  • Ability to author custom exploits manually without dependence on commercial tools.
  • Ability to weaponize payloads for delivery on social-engineering engagements.
  • Experience with Active Directory, Entra ID, and cyber kill chain
  • Experience with penetration testing, administering, and troubleshooting major flavours of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Demonstrable experience with scripting and editing existing code and programming using one or more of the following - Powershell, C/C++, Python, Javascript, and C#.
  • Demonstrable experience of threat-intelligence led red teaming frameworks such as CORIE, TLPT, and AASE
  • Track record of championing innovation and improvement initiatives for your area of expertise, identifying emerging trends and technologies and developing leading solutions to address client needs
  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience or equivalent military experience to meet job requirements and expectations
  • Holds three or more established professional industry certifications such as: Offensive Security Certified Expert (OSCE) Certified Red Team Leader (CRTL) Offensive Security Exploitation Expert (OSEE) Offensive Security Experience Professional (OSEP) Offensive Security macOS Researcher (OSMR) Offensive Security Certified Professional (OSCP) CREST Registered Tester (CREST CRT) GIAC Red Team Professional (GRTP) CREST Certified Simulated Attack Specialist (CCSAS), and Published CVE’s, published research, or published tooling in alignment to offensive security and red teaming.
Benefits
  • Health insurance
  • Professional development opportunities
  • Flexible work arrangements

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
penetration testingmalware developmentexploit developmentscriptingprogrammingcloud securityActive Directorysocial engineeringvulnerability assessmentcyber kill chain
Soft skills
leadershipcommunicationmentoringproject managementclient engagementinnovationteam collaborationproblem-solvingprocess improvementpresentation skills
Certifications
OSCECRTLOSEEOSEPOSMROSCPCREST CRTGRTPCCSASpublished CVEs