Posted:
8/6/2024, 5:00:00 PM
Location(s):
Milwaukee, Wisconsin, United States ⋅ Wisconsin, United States ⋅ Jacksonville, Florida, United States ⋅ Florida, United States ⋅ Orlando, Florida, United States ⋅ Georgia, United States ⋅ Atlanta, Georgia, United States
Experience Level(s):
Senior
Field(s):
IT & Security ⋅ Software Engineering
Job Description
About FIS
Are you curious, motivated, and forward-thinking? At FIS you’ll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun.
About the team
The Red Team is part of the broader Offensive Security team within FIS. The Red Team is responsible for designing and executing strategic offensive security operations against the FIS people, processes, and technology. We also work closely with Threat Intel and Blue Teams for adversary TTP emulation.
What you will be doing
FIS is looking for an experienced Senior Specialist Red Team Operator to join our dynamic team. This role involves designing, implementing, and conducting red/purple team operations and emulating threat actor tactics, techniques, and procedures. You will identify and exploit vulnerabilities, assess security postures, and provide actionable insights to strengthen our cybersecurity defenses.
· Develop and execute complex attack scenarios and simulations to emulate real-world threats and test the robustness of our cybersecurity measures.
· Collaborate with cross-functional teams to analyze security findings, prioritize remediation efforts, and recommend effective mitigation strategies.
· Create detailed reports outlining vulnerabilities, exploit techniques, and actionable recommendations for improving security posture.
· Conduct threat hunting and map the attack surface.
· Work with the business to review vulnerabilities and advise on remediation priorities.
· Stay updated on emerging security threats, attack techniques, and industry best practices to enhance offensive security methodologies.
· Research and development of custom tools and malware payloads to support operations.
· Provide technical expertise and guidance on offensive security techniques, tools, and procedures.
· Participate in knowledge-sharing activities, such as training sessions and workshops, to foster continuous learning and skill development within the organization.
What you bring
· A bachelor’s degree in computer science, Information Security, or a related field, or equivalent experience and skills.
· At least one offensive security certification such as OSCP, OSCE, GPEN, or equivalent.
· 8+ years of experience in offensive security roles, including penetration testing, red/purple teaming, and ethical hacking.
· Strong knowledge of network, operating system, cloud, and web application security architecture.
· Proficiency in using offensive security tools such as Metasploit, Burp Suite, Nmap, Nuclei, and Kali Linux.
· Experience with command and control (C2) frameworks such as Cobalt Strike, Sliver, or Mythic.
· Well-versed in at least one scripting and programming language such as Python, C++, C#, Java, Go, PowerShell.
· Experience in creating custom tools and payloads that can evade defensive products.
· In-depth understanding of attack vectors, exploit techniques, and vulnerability assessment methodologies, with experience in applying MITRE ATT&CK.
· Excellent analytical skills with the ability to assess complex systems and identify security gaps.
Bonus if you have
· Experience in the FinTech or Banking industries.
· Familiarity with industry compliance standards and regulations (e.g., PCI DSS, ISO 27001, GDPR).
· Familiarity with CBEST or TIBER assessment frameworks.
What we offer you
· A competitive salary and benefits
· A variety of career development tools, resources and opportunities
· Varied and challenging work to help grow your technical skills.
Privacy Statement
FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.
EEOC Statement
FIS is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, national origin, disability, veteran status, and other protected characteristics. The EEO is the Law poster is available here supplement document available here
For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will be required to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis.
Sourcing Model
Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.
#pridepass
Website: https://fisglobal.com/
Headquarter Location: Jacksonville, Florida, United States
Employee Count: 10001+
Year Founded: 1968
IPO Status: Public
Last Funding Type: Post-IPO Debt
Industries: Banking ⋅ Financial Services ⋅ Information Technology ⋅ Payments