Vector Command Specialist

📋 Description

• • As a Vector Command Specialist at Moose Labs LLC, you will be an integral part of a specialized offensive security team dedicated to enhancing client security postures through advanced attack surface management strategies and technical expertise.
• • You will play a dual role, serving as both a technical analyst and a crucial customer liaison, ensuring clear communication and effective support throughout the engagement lifecycle.
• • A significant aspect of your role will involve collaborating closely with various Managed Services teams, including Managed Detection and Response (MDR) and Managed Vulnerability Management (MVM), to ensure seamless service delivery and integrated security solutions for clients.
• • You will be responsible for the meticulous preparation and delivery of monthly Red Team reports, providing clients with comprehensive insights into their security landscape and the outcomes of offensive operations.
• • Your day-to-day activities will include addressing specific customer needs, offering expert advice, and contributing to the broader deliverables expected from security consulting engagements.
• • The Vector Command team operates as an 'always-on' Red Team, emulating real-world adversaries to identify and exploit weaknesses in client defenses, thereby testing the robustness of their entire security strategy and defense-in-depth measures.
• • You will actively participate in large-scale reconnaissance efforts, identifying exposed or high-value assets that present potential targets for compromise.
• • Following initial access, you will contribute to post-compromise objectives, demonstrating the real-world impact of vulnerabilities, evading detection mechanisms, and assessing the effectiveness of existing security controls.
• • Beyond direct offensive operations, you will provide critical support through external attack surface analysis, meticulously identifying and mapping a client's internet-facing exposures.
• • You will be involved in the integration of various accounts and security tools, ensuring that the Vector Command platform operates efficiently and effectively with client environments.
• • A key responsibility is maintaining constant awareness of emerging vulnerabilities, shifts in client attack surfaces, and any changes within customer environments that could impact security assessments.
• • You will onboard new customers to the Vector Command platform and associated technologies, ensuring a smooth transition and comprehensive understanding of the service.
• • Overseeing and guaranteeing the completeness and accuracy of customer report deliverables will be a core function, ensuring clients receive high-quality, actionable intelligence.
• • Serving as the primary point of contact for customer inquiries, you will address questions related to testing operations, security alerts, and general Vector Command activities, providing timely and accurate responses.
• • You will coordinate and host monthly Vector Command Red Team update calls, working in conjunction with a Rapid7 Red Team lead to present findings and discuss ongoing strategies.
• • A vital skill will be the ability to translate complex technical security concepts into clear, understandable language for non-security personnel, facilitating effective communication and decision-making.
• • You will proactively analyze each customer’s exposures and attack surface within the Vector Command platform, identifying potential risks and areas for improvement.
• • Conducting manual network and service reconnaissance will be essential to uncover new exposures that automated tools might miss.
• • Performing Open-Source Intelligence (OSINT) gathering on customers will broaden the scope of attack surface analysis, identifying elements that extend beyond traditional network services.
• • You will be responsible for keeping the Red Team operators informed of any significant changes or new discoveries related to customers’ attack surfaces.
• • Coordinating customer requests and prioritizing tasks with the Red Team operators will ensure that client needs are met efficiently and effectively.
• • Developing scripts to query and analyze attack surface data from diverse sources and automated systems will enhance operational efficiency and data-driven insights.
• • You may also perform entry-level penetration testing activities against external assets, as directed by the Red Team lead, gaining practical offensive security experience.
• • This role demands a commitment to the 'end-to-end' testing process, from initial planning through to supporting remediation efforts, ensuring a holistic approach to client security.
• • You will contribute to a culture of knowledge sharing and cross-training, fostering a collaborative and continuously learning team environment.
• • Embodying core company values will be crucial in driving a culture of excellence, impact, and collective success.