Red Team Security Engineer - Jacksonville, United States - Fidelity National Financial


    POSITION OVERVIEW

    FNF is seeking a Red Team Operator to join its Information Security Office (ISO). This position reports to the Offensive Security Manager. The ideal candidate will have a strong background in offensive security and bring results-driven experience to improve the state of security at FNF. As a Red Team Security Operator, you will be responsible for conducting advanced adversarial simulations and Red Team exercises to assess the security posture of FNF's environment. You will collaborate closely with our internal teams to identify and exploit vulnerabilities, assess security controls, and provide actionable recommendations to enhance the company's security defenses.

    LOCATION
    • This position is 100% remote

    DUTIES & RESPONSIBILITIES
    • Design and execute complex red team engagements, including reconnaissance, social engineering, penetration testing, and post-exploitation activities
    • Conduct thorough assessments of our network, systems, and applications to identify weaknesses and potential attack vectors
    • Develop and execute custom attack scenarios to emulate real-world cyber threats and assess the effectiveness of existing security controls
    • Collaborate with cross-functional teams to develop comprehensive remediation strategies and recommendations based on red team findings
    • Provide technical guidance and mentorship to junior team members, fostering their professional growth and development
    • Stay abreast of the latest cybersecurity threats, vulnerabilities, and techniques, and incorporate this knowledge into red team operations
    • Communicate effectively with clients to convey technical findings, recommendations, and risk implications clearly and concisely
    • Ensure all tools and systems the department uses are working and escalate issues to senior management or authorized vendors as needed
    • Maintain strict confidentiality regarding Red Team operations, findings, and engagements
    • Work with the manager of offensive security to develop the red team program further

    MINIMUM REQUIREMENTS
    • Bachelor's or Master's in Computer Science, Information Security, or a related field
    • Requires 5+ years of cybersecurity experience, focusing on offensive security, penetration testing, or red teaming
    • Experience with BloodHound or a similar tool
    • OSCP, GXPN, or other equivalent certification

    PREFERRED EXPERIENCE
    • Proficiency with Docker, Helm, WSL, and Kubernetes
    • Proficiency in Amazon Web Services or Google Cloud Platform
    • Active Directory and Azure Active Directory experience
    • Relevant industry certifications such as SANS 565, OSCE, GPEN, or similar certifications
    • Proficiency in common penetration testing tools and frameworks (e.g., Metasploit, Cobalt Strike, Burp Suite)
    • Advanced understanding of network protocols, operating systems, and cloud environments
    • Experience with scripting or programming languages (e.g., Python, PowerShell)
    • Knowledge of and ability to research TTPs for known APTs
    • Proven experience leading and executing red team engagements in complex environments
    • Excellent problem-solving skills and the ability to think creatively to circumvent security controls
    • Effective communication and interpersonal skills, with the ability to interact confidently with technical and non-technical stakeholders