RED TEAM - Cybersecurity Senior Specialist - SOC Analyst

Mattson Resources

  • Rosemead, CA
  • $120,000-160,000 per year
  • Permanent
  • Full-time
  • 11 days ago
Rare RED Team opportunity for Fortune 500 company working on critical infrastructure
We are seeking a standout colleague with a consistent track record of demonstrating proactive security measures to join our world-class Information Technology team. The responsibilities of this role will focus on:
  • Conducting red team exercises to identify vulnerabilities and strengthen our defenses.
  • Collaborating with the CSOC team to ensure flawless execution of security operations.
  • Successfully implementing and handling C2 frameworks such as Metasploit, Cobalt Strike, and PowerShell Empire.
  • Collaborating with individuals from both inside and outside the company to lead all aspects of a range of penetration tests and engagements.
  • Actively participating in purple team activities to enhance our overall security posture.
A day in the life - Get ready to think big, work smart and shine bright!
  • Penetration Testing: Conducting penetration tests across various attack surfaces, including network infrastructure, web applications, and wireless networks.
  • Adversarial Tactics: Applying deep understanding of common attack techniques used by threat actors, including exploit development, privilege escalation, and lateral movement.
  • Cyber Tools: Using penetration testing tools and frameworks, such as Metasploit, Cobalt Strike, Burp Suite, Nmap, and Wireshark.
  • Vulnerability Assessment: Identifying and assessing security vulnerabilities in systems and applications, including knowledge of Common Vulnerabilities and Exposures (CVE) databases.
Qualifications
The essentials
  • Five (5) or more years of experience in Information Security, Cybersecurity, or related Information Technology role.
  • Three (3) or more years in SIEM (Security Information and Event Management), Incident Response, and SOC (Security Operations Center).
  • Experience and proficient knowledge of red teaming methodologies and tools.
  • Experience and familiarity with C2 frameworks and penetration testing tools, such as: Metasploit, Cobalt Strike, PowerShell Empire, Burp Suite, Nmap, and Wireshark.
  • Experience identifying and assessing security vulnerabilities in systems and apps, including knowledge of Common Vulnerabilities and Exposures (CVE) databases.
  • Experience and expertise in attack surface management and vulnerability identification.
  • Experience and solid project management skills, with the ability to coordinate multiple engagements.
  • Exceptional communication and collaboration skills, with the ability to blend into our CSOC and company culture.
The preferred
  • Bachelor’s Degree or higher in Engineering, Computer Science, Information Systems, or related technical field.
  • Experience and proficiency in one or more coding/scripting languages (e.g., Perl, Python, PowerShell, Shell Scripting, C/C#/C++, golang, etc.).
  • Experience and knowledge with web-based application attacks.
  • Experience performing “purple-team” activities.
  • Experience with utility regulatory environment and NERC CIP requirements.
  • Possess one or more of the following Cybersecurity / Information Security certifications:
  • Certified Red Team Operator (CRTO)
  • Global Information Assurance Certification (GIAC)
  • Certified in Risk and Information Systems Control (CRISC)
  • Practical Network Penetration Tester™ (PNPT)
  • Offensive Security Certified Professional (OSCP)
  • Offensive Security Wireless Professional (OSWP)
  • Offensive Security Certified Expert (OSCE)
  • Offensive Security Exploitation Expert (OSEE)
  • Offensive Security Web Expert (OSWE)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Cisco Certified Network Associate (CCNA)
  • ZeroPointSecurity (CRTO)
You should know
  • This position’s work mode is hybrid.
  • Relocation does not apply to this position.
  • The primary work location for this position is San Gabriel, CA; however, the successful candidate may also be asked to work for a period out in the field throughout the service territory.
  • This position has been identified as a NERC/CIP impacted position – Prior to being hired, the successful candidate must pass a Personnel Risk Assessment (PRA) or Background Investigation. Once hired, the candidate must complete specified training prior to gaining unescorted access to the assigned work location and performing necessary job duties.
  • Candidates for this position must be legally authorized to work directly as employees for any employer in the United States without visa sponsorship.
  • US Citizenship required as part of Critical Infrastructure security protocols.
