Cyber Defense Specialist, Principal - Now Hiring
Your Role The Information Security team is looking for a certified offensive security professional to join our fast paced, highly collaborative, and diverse team.
Our mission is to provide operationally excellent next-generation information security offensive security services that help protect Blue Shield from adverse cyber events.
The Cyber Defense Specialist, Principal (Offensive Security role) will report to the Senior Manager of Information Security.
In this role you will gain an advanced knowledge of security products, put into practice standard coding and scripting such as Python, PowerShell, and other scripting/query languages.
You will have a lead role in developing our offensive security strategy and enabling our secure cloud transformation journey.
Your Work In this role, you will:
Conduct high quality application penetration tests and security controls validation independently, or as part of a team to produce comprehensive reporting Create detailed engagement plans and thoroughly documenting findings, gaps, and remediation recommendations Define roadmap for growing the offensive security program and manage relationships with external security researchers Apply/improve automated vulnerability discovery of infrastructure with continuous fuzzing Recruit, champion, and support teams to execute on the strategic vision of building a successful Offensive Security capability Research, reproduce and respond to various security vulnerabilities reported Collaboratively define threat models, scope, and prioritize offensive security engagements Communicate and collaborate with partner teams, asset/service owners, cross-organizational Information Security teams, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings Strong knowledge of Microsoft Azure and Google Cloud environments from an attacker perspective - demonstrate the ability to test trusted relationships and misconfigurations Participate in purple-team exercises to improve efficacy of internal security programs Develop training programs on security-related topics such as threat modeling and secure coding for larger engineering team Your Knowledge and Experience Requires at least 10 years of prior relevant experience in IT, information security, or infrastructure security Requires certification(s) demonstrating core competency in offensive security operations, such as OSCP, OSCE, OSWE, GXPN, eCPTX, or similar Requires significant experience with attack platforms and tools to conduct vulnerability research against network, applications, and systems Requires offensive security work experience OR military experience and education OR a bachelor's degree in Computer Science or related field combined with experience Requires significant experience in security assessment of networked systems and protocols for regulatory requirements (e.
g.
SOC2, HIPAA, NIST CSF, etc.
) Requires moderate experience reviewing source code for control flows & security flaws Requires ability to scope security engagements and vet capabilities of security researchers and third party consultants Requires proven ability to work within a collaborative, cross-functional environment and mentor/develop the next generation of strong security engineers Pay Range:
The pay range for this role is:
$ 145200.
00 to $ 217800.
00 for California.
Note:
Please note that this range represents the pay range for this and many other positions at Blue Shield that fall into this pay grade.
Blue Shield salaries are based on a variety of factors, including the candidate's experience, location (California, Bay area, or outside California), and current employee salaries for similar roles.
Salary:
$51.
Estimated Salary: $20 to $28 per hour based on qualifications.
Our mission is to provide operationally excellent next-generation information security offensive security services that help protect Blue Shield from adverse cyber events.
The Cyber Defense Specialist, Principal (Offensive Security role) will report to the Senior Manager of Information Security.
In this role you will gain an advanced knowledge of security products, put into practice standard coding and scripting such as Python, PowerShell, and other scripting/query languages.
You will have a lead role in developing our offensive security strategy and enabling our secure cloud transformation journey.
Your Work In this role, you will:
Conduct high quality application penetration tests and security controls validation independently, or as part of a team to produce comprehensive reporting Create detailed engagement plans and thoroughly documenting findings, gaps, and remediation recommendations Define roadmap for growing the offensive security program and manage relationships with external security researchers Apply/improve automated vulnerability discovery of infrastructure with continuous fuzzing Recruit, champion, and support teams to execute on the strategic vision of building a successful Offensive Security capability Research, reproduce and respond to various security vulnerabilities reported Collaboratively define threat models, scope, and prioritize offensive security engagements Communicate and collaborate with partner teams, asset/service owners, cross-organizational Information Security teams, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings Strong knowledge of Microsoft Azure and Google Cloud environments from an attacker perspective - demonstrate the ability to test trusted relationships and misconfigurations Participate in purple-team exercises to improve efficacy of internal security programs Develop training programs on security-related topics such as threat modeling and secure coding for larger engineering team Your Knowledge and Experience Requires at least 10 years of prior relevant experience in IT, information security, or infrastructure security Requires certification(s) demonstrating core competency in offensive security operations, such as OSCP, OSCE, OSWE, GXPN, eCPTX, or similar Requires significant experience with attack platforms and tools to conduct vulnerability research against network, applications, and systems Requires offensive security work experience OR military experience and education OR a bachelor's degree in Computer Science or related field combined with experience Requires significant experience in security assessment of networked systems and protocols for regulatory requirements (e.
g.
SOC2, HIPAA, NIST CSF, etc.
) Requires moderate experience reviewing source code for control flows & security flaws Requires ability to scope security engagements and vet capabilities of security researchers and third party consultants Requires proven ability to work within a collaborative, cross-functional environment and mentor/develop the next generation of strong security engineers Pay Range:
The pay range for this role is:
$ 145200.
00 to $ 217800.
00 for California.
Note:
Please note that this range represents the pay range for this and many other positions at Blue Shield that fall into this pay grade.
Blue Shield salaries are based on a variety of factors, including the candidate's experience, location (California, Bay area, or outside California), and current employee salaries for similar roles.
Salary:
$51.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
