Join our Talent Network
Skip to main content

Red Team Engineer, HAP Tech

Location: , United States
Date Posted:

Share:

Description

HAP Tech, a subgroup of BRG’s Healthcare Analytics practice (HAP), is one of the firm’s largest and fastest growing teams. This innovative group is currently looking for talented and dynamic professionals to join us as we continue to grow! HAP Tech supports and advises pharmaceutical manufacturers on how to navigate the challenges and complexities of the 340B program as well as other areas of the healthcare ecosystem. Our team is the established market leader in data and technology solutions for 340B-related issues and we support an impressive client base which includes the largest pharmaceutical manufacturers in the US as well as early-stage biotech companies. Beyond our syndicated solutions, we also integrate and synthesize data to deliver unparalleled analytics and insights into various aspects of the 340B program and the pharmaceutical supply chain.
 
The Red Team Engineer will simulate attacks against internally developed applications and infrastructure, using tools and techniques that are common in modern security breaches, to identify vulnerabilities and weakness to various sophisticated attacks, evaluate and continuously improve incident response capabilities, elevate security awareness throughout or organization, and demonstrate compliance across multiple security frameworks.   
 
Responsibilities
  • Design and execute penetration testing and source code review engagements against a variety of web services and software.
  • Conduct research into real-world threat actor tactics, techniques, and procedures to develop playbooks.
  • Maintaining in-depth documentation and auditing of actions taken during Red Team operations to provide deconfliction and non-repudiation.
  • Provide actionable long-term risk mitigation guidance.
  • Partner with engineers and product teams in driving remediation of weaknesses identified in application security review engagements.
  • Stay abreast of the latest cyber security threats, trends, and attack techniques; continuously improve our testing methodologies and tools.
  • Document and present results to a variety of audiences, ranging from technical engineers over non-technical subject matter experts to executive leadership.
 
Qualifications:
  • Minimum 3 years of experience in cybersecurity, or red team operations.
  • Bachelor’s degree in information technology, related discipline, or relevant work experience
  • Relevant Technical Security Certifications: Offensive Security (OSCP, OSEP, OSWA, OSWE), GIAC (GPEN, GWAPT, GCPN, CX-PT), Infosec (CCPT, CMWAPT, CRTOP), EC-Council (LPT Master), etc.
  • Project management, cross-team coordination and driving organizational change.
  • 3+ years’ experience in the following areas:
    • Network penetration testing and manipulation of network infrastructure
    • Web application assessments
    • Scripting or automation of simple tasks using Python, Ruby, Go, etc.
    • Developing, extending, or modifying exploits, shellcode or exploit tools.
    • Source code review for control flow and security flaws
    • Bypassing preventative and detective security controls to accomplish operational goals.
 
Candidate must be able to submit verification of his/her legal right to work in the United States, without company sponsorship. 
 
Salary Range: $100,000-$150,000 per year.
 
#LI-JQ1
#LI-Remote
Share:

We look for highly motivated problem solvers who have strong analytical abilities and a desire to advance within their careers. Stay up to date on our career opportunities by joining our talent network.

Join our Talent Network