at Health Care Service Corporation in Chicago, Illinois, United States
Job Description
At HCSC, we consider our employees the cornerstone of our business and the foundation to our success. We enable employees to craft their career with curated development plans that set their learning path to a rewarding and fulfilling career.
Come join us and be part of a purpose driven company who is invested in your future!
Job Summary
This is a senior Cybersecurity Red Team position responsible for identifying technical security vulnerabilities by conducting application analysis, network analysis, research, and adversarial simulation; reporting security vulnerabilities and the risks those vulnerabilities present to vice presidents, managers, and other technical individuals; and recommending mitigating solutions to remediate risk associated with vulnerabilities. Must maintain knowledge of cybersecurity attack trends and changing technologies and provide recommendations for adaptation of new technologies for Red Team service execution; provide management with vulnerability and risk assessments and security briefings to advise them of critical and high-risk vulnerabilities that may affect customer or corporate security objectives; evaluate and recommend security products, services and/or procedures to enhance defensive effectiveness.
This is a WFH role. Sponsorship is not available.
Required Job Qualifications:
* Bachelor Degree with 8 years security experience OR 14 years of experience.
* Familiarity with MITRE ATT&CK Framework and aligning attack TTPs and vulnerability findings to the MITRE framework.
* Prior adversarial simulation experience from both an assumed compromise as well as uninformed outsider perspective.
* Application/API assessment and security testing experience.
* White box and black box penetration testing experience.
* Experience in the following: computer architecture, operating systems, inter-process communications, networking protocols and their related implementations, authentication, authorization, and RBAC concepts.
* Experience with and understanding of compiled and interpreted programs and the types of security issues possible in each; database systems, web servers, application servers, mainframes, firewalls, routers, load balancers, switches, and different types of middleware; x86 assembly.
* Experience with debuggers and disassembles; static and dynamic malware analysis, protocol analysis, and log analysis; intrusion analysis through log analysis, investigative data correlation, and system review
* Experience assessing security risk associated with enterprise solutions.
* Verbal communications skills and concise written communication skills.
* Organization and multi-tasking skills with flexibility to adapt to wide variety of security incident response events.
Preferred Job Qualifications:
* Bachelor's OR Master's Degree in Computer Science, Information Systems, or other related field. Or equivalent work experience.
* Experience with software decompilation and reverse engineering of software binaries for the specific purpose of finding cybersecurity vulnerabilities.
* One or more of the following certifications is desirable: MCSE, RHCE, CCNA, CCIE, CISM, CISA, OSCE, OSCP, C-EH, CISSP.
#LI-ES1
#LI-Remote
Are you being referred to one of our roles? If so, ask your connection at HCSC about our Employee Referral process!
HCSC Employment Statement:
HCSC is committed to diversity in the workplace and to providing equal opportunity and affirmative action to employees and applicants. We are an Equal Opportunity Employment / Affirmative Action employer dedicated to workforce diversity and a drug-free and smoke-free workplace. Drug screening and background investigation are required, as allowed by law. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.
