Engineer, Offensive Cybersecurity

📋 Description

• • As an Offensive Cybersecurity Engineer at Abacus Group LLC, you will be at the forefront of safeguarding complex enterprise organizations by conducting rigorous penetration testing across a diverse range of systems and services. Your expertise will be crucial in identifying and evaluating security misconfigurations and vulnerabilities within critical environments, including Microsoft 365, Amazon Web Services (AWS), Google Cloud Platform (GCP), traditional Active Directory, Endpoint Detection and Response (EDR) systems, email security solutions, and various networking equipment.
• • You will perform comprehensive cybersecurity risk assessments, meticulously analyzing the potential impact and likelihood of identified risks across hybrid, on-premise, and cloud-based infrastructures. This involves a deep dive into how security weaknesses could be exploited and the potential business consequences, requiring a blend of technical acumen and strategic thinking.
• • A core responsibility will be the creation of highly detailed technical reports. These reports must clearly articulate your findings, propose actionable mitigation strategies, identify compensating controls, and outline the methodologies employed. The ability to tailor these reports to be easily understood by both executive leadership and technical teams is paramount, ensuring clear communication and effective remediation planning.
• • You will also be tasked with conducting technical reviews of cybersecurity testing reports generated by others, providing constructive feedback and ensuring the highest standards of quality and thoroughness are maintained across the team.
• • Staying ahead of the curve in the rapidly evolving cybersecurity landscape is essential. You will be expected to continuously research and remain updated with the latest testing techniques, cutting-edge tools, and emerging methodologies to ensure our clients receive the most effective and relevant security assessments.
• • A significant aspect of this role involves client interaction. You will present your detailed findings and nuanced technical recommendations directly to customers. Within your first three months, you are expected to confidently lead these customer presentations, demonstrating strong communication and presentation skills.
• • Collaboration and knowledge sharing are key components of our team culture. You will actively discuss, collaborate with, and train your teammates within the Cybersecurity Red Team. This includes sharing insights on various tools and techniques associated with cybersecurity risk assessment, fostering a collective growth environment.
• • You will also have the opportunity to contribute to other critical engagements, such as social engineering assessments, network penetration testing, and vulnerability reviews, providing a broad exposure to different facets of offensive security.
• • Beyond technical execution, we value individuals who possess strong critical and creative thinking skills, enabling them to strategize effectively and add significant value to customer engagements. The ability to self-manage time and commitments is crucial, as you will be juggling multiple projects concurrently.
• • A keen attention to detail and a well-organized approach are non-negotiable, ensuring accuracy and thoroughness in all aspects of your work. We seek highly motivated individuals who are driven to continuously learn, innovate, and push the boundaries of their expertise.
• • Exceptional verbal and written communication skills are vital, particularly when explaining complex technical concepts to non-technical audiences. Your ability to articulate risks and solutions clearly will directly impact client understanding and action.
• • Furthermore, impeccable spelling and grammar skills are required for crafting and proofreading all documentation, maintaining a professional standard in all client-facing materials.
• • Familiarity and comfortability operating with tools like ScoutSuite and other cloud-based security assessment tools are expected, demonstrating your practical experience with relevant technologies.
• • This role is ideal for someone who values integrity and honesty above all else, possesses a genuine passion for information security and helping others, and thrives in an environment that encourages challenging the status quo while working within defined constraints.
• • You should be able to self-direct your work, exhibit a proactive, action-oriented mindset, and truly own your responsibilities. A collaborative attitude and mindset with colleagues and team members will ensure success within our dynamic team.