Senior Red Team Specialist
Security Irvine, California

As a member of the red team you provide the technical expertise required to carry out internal and external hacking exercises.  You will seek out and bring to light company crushing vulnerabilities in real world scenarios using any methods at your disposal.  From here you will create and provide presentations to executive management highlighting outcomes of the team’s operations with recommendations for remediation or mitigation.  

This is a position for highly driven autonomous security professionals that work well in a team-oriented environment.

Responsibilities

  • Plan and conduct attacks on internally or externally hosted applications and infrastructure on a global scale with an emphasis on critical functions.
  • Be flexible with regard to schedule to accommodate the most effect time to carry out attack campaigns depending on objectives defined.
  • Design and develop scripts, frameworks, tools, and the methods required for facilitating and executing complex attacks, emulating malicious actor behavior aimed at avoiding detection.
  • Review results of any operation in order to determine severity of findings and identify potential remediation or mitigation strategies.
  • Work in a fast-paced, tightly knit and coordinated team within a highly technical environment and have the willingness to learn new skills as required.
  • Compile and present comprehensive campaign results to process / system owners as well as senior leadership.
  • Create extensive documentation and be able to present your findings to the rest of the team or subject matter experts as necessary.
  • Define and develop agenda for training and educating employees on advanced exploits, tools and frameworks.
  • Research emerging technologies and exploitation methods relevant to the company.
  • Explore opportunities to discover previously unknown or undisclosed vulnerabilities.
  • Execute on your comprehensive knowledge and specialization in assigned area of skill in complex and challenging situations.
  • Possess and employ a high level of proficiency in one or more disciplines employed within the red team, such as web applications, system exploitation, network based attacks, reverse engineering, social engineering, etc.

Qualifications

  • Bachelor’s degree in Computer Science, Information Security, a related program, or equivalent work experience
  • A minimum of 6 years’ of professional experience in information security as a penetration tester, reverse engineer, researcher or threat analyst / IR team member
  • Able to operate at an advanced level of written and spoken communication
  • Prior experience or expertise performing red team operations

Disciplines / Specializations Preferred

  • High level of knowledge in application, system and network exploitation or enumeration techniques utilized today ranging from injection, privilege escalation, buffer overflows, fuzzing, scanning, and anything else a minion of Diablo would perform
  • Experience with writing and demonstrating proof of concept work from an exploitation or attack perspective
  • Capable to create and employ modules and tailored payloads for common testing frameworks or tools
  • Extensive understanding of cryptography, its role in the enterprise, and its strengths as well as weaknesses
  • Knowledge of tactics, techniques, and procedures that could be used for recon, persistence, lateral movement, and exfiltration
  • Programming exposure and familiarity with languages such as C /C# / C++, Java, or Assembly
  • Proficiency in one or more scripting languages, e.g. Perl, Python, PowerShell or shell scripting
  • Prior experience with reverse engineering, malware analysis, and forensic tools
  • Solid understanding of networking topologies, protocol usage, and enterprise hardware including switches, routers, firewalls and their roles in security
  • Knowledge of access control methodologies, network / host intrusion detection, vulnerability management tools, patch management tools, penetration testing tools, and AV solutions
  • Knowledge or experience in infiltration of physical systems such as lock picking, social engineering, and hardware authentication bypass
  • Experience with hardware hacking or building custom hardware for the purpose of exploitation

Required Application Materials

  • Resume
  • Cover Letter (optional) which should include:
      • Why you are interested in working at Blizzard
      • What games you are currently playing

Blizzard Entertainment is a global company committed to growing our employees along with the business. We offer generous benefits and perks with an eye on providing true work / life balance. We’ve worked hard to foster an intensely collaborative and creative environment, a diverse and inclusive employee culture, and training and opportunity for professional growth. Our people are everything. Our core values are real, and our mission has never changed. We are dedicated to creating the most epic entertainment experiences...ever. Join us!

Поделиться: 

Blizzard Entertainment — компания равных возможностей. Мы принимаем на работу квалифицированных сотрудников, независимо от их расы, цвета кожи, пола, возраста, религии, происхождения, гражданства, семейного положения, сексуальной ориентации, гендерной принадлежности, генетических данных, инвалидности, беременности, службы в армии, статуса ветерана и принадлежности к иным социальным группам и меньшинствам.

Запрос дополнительных услуг: работая с людьми с ограниченными возможностями, мы стремимся предоставлять им всю необходимую помощь. Если Вы — кандидат с ограниченными возможностями, нуждающийся в дополнительных услугах для участия в конкурсе на открытую вакансию, пожалуйста, отправьте Ваш запрос по адресу talentacquisition@blizzard.com. Этот электронный адрес не предназначен для отправки и обработки общих вопросов, касающихся трудоустройства. Благодарим Вас за проявленный интерес.

Вниманию агенств по найму и трудоустройству! Мы не принимаем резюме, поданные агенствами по собственной инициативе. Пожалуйста, не отправляйте нам подобные резюме ни через вебсайт, ни нашим сотрудникам напрямую. Мы не будем выплачивать вознаграждения сторонним агенствам, агентам или фирмам за поиск сотрудников, если они не заключили с Blizzard соответствующий контракт заранее. Мы не несем никакой ответственности за какие бы то ни было агентские гонорары, связанные с предоставлением несогласованных резюме. Любые несогласованные резюме, отправленные в Blizzard, будут считаться нашей собственностью и мы будем распоряжаться ими по своему усмотрению.