Vacancy expired!
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation's top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.
SummaryGuidePoint Security's Threat & Attack Simulation Practice provides attack-oriented professional services, including Penetration Testing, Social Engineering, Red Teaming, IoT/Hardware Assessments, Vulnerability Assessments, and various ad hoc Custom Assessments to address unique information security concerns for prestigious clients. As a Managing Security Consultant, you will be a trustworthy and reliable team member who leverages your knowledge, skills, and experience to define the practice's future. Your primary responsibilities will be split between technical and managerial tasks and include providing guidance, leadership, and oversight to your direct reports, refining existing Practice offerings, developing new Practice offerings, assisting with pre-sales activities, and performing technical assessments. Managing Security Consultants share responsibility for the Practice's future success. GuidePoint Security's Threat & Attack Simulation service offerings are perpetually evolving in response to emerging threats and diverse client needs. Your creativity, experience, and expertise will assist the Practice in adapting to this rapidly changing environment.Role Responsibilities- Manage a team of talented information security professionals and clearly communicate unmet needs to practice leadership
- Deliver Threat & Attack Simulation's professional services, including but not limited to Vulnerability Assessments, Internal and External Penetration Tests, Wireless Security Assessments, Onsite and Remote Social Engineering, Red Team Assessments, IoT/Hardware Assessments, and a variety of Custom Assessments
- Author comprehensive assessment deliverables that are proficiently tailored to both technical and managerial audiences and fully detail the technical execution, core deficiencies, business impact, and realistic remediation strategies
- Contribute to marketing initiatives via activities such as publishing research, speaking at industry conferences, authoring blog articles and whitepapers, hosting webinars, and developing security tools
- Support pre-sales activities and the creation, facilitation, and closure of professional services opportunities, including representing both the company and the Threat & Attack Simulation Practice, performing scoping and technical requirements gathering, and cooperatively interacting with other Practices to develop large, complex, multi-practice engagements
- Assist with Practice development, including improving existing offerings, creating new offerings, and mentoring team members
- Perpetually strengthen relevant skills, knowledge, and abilities to stay at the forefront of the information security industry.
- Foster client relationships by providing support, information, and guidance
- Maintain a strong desire to learn, adapt, and improve along with a rapidly-growing company
- Perform typical managerial functions such as performance reviews, expense approvals, time entry approvals, etc. in a timely manner
- Perform other duties as assigned
- InfoSec community involvement, such as conference speaking, blog/whitepaper authoring, and podcast speaking/producing experience, is strongly preferred.
- Minimum of five (5) years of experience performing offensive/attack-oriented security assessments
- Minimum of three (3) years of experience in an enterprise-level consulting services role
- Over ten (10+) combined years of IT, and information security experience is strongly preferred
- At least two (2) years of experience managing a team of five (5) or more individuals is preferred
- Internal operational experience is strongly preferred
- Lab-based certifications, such as OSCP, OSCE, OSEP, and GSE, are strongly preferred
- Other relevant industry certifications, such as GPEN, GCIH, and course completion on platforms like HackTheBox are also preferred
- Remote workforce primarily (U.S. based only, some travel may be required for certain positions)
- 100% employer-paid medical and dental premiums with generous employer family contributions
- 11 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
Vacancy expired!