About Us
As a digital and cybersecurity services company, Stratascale exists to help the Fortune 1000 transform the way they use technology to advance the business, generate revenue, and respond quickly to market demands. We call it Digital Agility.
To learn more about how we're shaping the future of digital business and a more secure world, visit stratascale.com.
Job Description Summary
The Security Consultant - Offensive Security is a critical?role?within?Stratascale's?Adversarial Operations team who will?assist?in?leading and supporting the development and delivery of a diverse range of continuous threat and exposure management consulting, penetration testing, and?operational?service programs to a portfolio of our clients.
The Security Consultant supports the development and delivery of a diverse range of continuous threat and exposure management consulting, penetration testing, and?operational?service programs to a portfolio of our clients. This role involves developing governance models, collaborating with sales and technical teams, delivering training content, and staying informed on industry trends to ensure successful solution delivery and continuous improvement in security practices.
This position is remote with a Home Office setup as determined by Stratascale management.
Role Description
Perform penetration testing against complex environments covering both external, internal, web application, and other forms of offensive security engagements.
Consult and document attack surface, threats, and vulnerability?improvements based on team's overall assessment of client's environment.?
Perform full assessment and threat modeling against industry best practices to?identify?control weaknesses and assess the effectiveness of existing controls.?
Perform root cause analysis on?identified?vulnerabilities and attack surface weaknesses to?determine?technical solutions to be presented to client along with recommendations for remediations.?
Collaborate with client's security teams to understand mitigation or resolutions for findings discovered by analysts.?
Review threat intelligence?for specific threat vectors that align with client's industry or potentially?impacted?by to?utilize?in attack path modeling.?
Assist?in defining,?measuring, and?quantifying?business risk and vulnerability impacts to clients their stakeholders.?
Provide subject matter expertise and technical support on remediation, cloud security, governance, compliance, and core infrastructure systems.
Assist customers with strategies, use of platforms, technical and compliance analysis, and implementing automation.
Develop and deliver governance models, security frameworks, compliance reporting, and security assessments.
Collaborate with internal sales and technical teams to support the solution sales cycle, qualify opportunities, and ensure successful solution delivery.
Identify customer needs and requirements, recommend appropriate solutions, and proactively identify areas for improvement.
Execute consulting projects by creating and completing deliverables, ensuring client needs and practice obligations are met.
Develop and deliver training content, curricula, and workforce development programs, including in-person and remote sessions.
Participate in customer and internal meetings, providing technical guidance and facilitating discussions.
Stay educated on new product technologies, industry trends, and emerging capabilities within the practice.
Develop and optimize cross practice capabilities, collaborate with peer practice leaders, and mentor other consultants.
Behaviors and Competencies
Communication: Can effectively communicate complex ideas and information to diverse audiences, facilitate effective communication between others, and mentor others in effective communication.
Relationship Building: Can take ownership of complex team initiatives, collaborate with diverse groups, and drive results through effective relationship management.
Self-Motivation: Can take ownership of complex personal or professional initiatives, collaborate with others when necessary, and drive results through self-motivation.
Negotiation: Can take ownership of complex negotiations, collaborate with others, and drive consensus.
Impact and Influence: Can rally a team or group towards a common goal, creating a positive and persuasive influence.
Business Development: Can take ownership of significant business initiatives, collaborate with various stakeholders, and drive business results.
Emotional Intelligence: Can use emotional information to guide thinking and behavior, manage and/or adjust emotions to adapt to environments or achieve one's goal(s), and help others do the same.
Detail-Oriented: Can oversee multiple projects, maintaining a high level of detail orientation, identifying errors or inconsistencies in work, and ensuring accuracy across all tasks.
Follow-Up: Can take ownership of tasks, collaborate with others in managing follow-ups, and drive results through effective task completion.
Presenting: Can effectively use visual aids, storytelling, and persuasive techniques to enhance presentations and engage audiences.
Delegation: Can delegate responsibilities across a team, balancing workload, and ensuring all members understand their roles.
Analytical Thinking: Can use advanced analytical techniques to solve complex problems, draw insights, and communicate the solutions effectively.
Critical Thinking: Can integrate and synthesize information from various sources to inform strategic decision-making and problem-solving.
Technical Troubleshooting: Can take ownership of complex technical problems, collaborate with others to manage solutions, and drive results in problem resolution.
Skill Level Requirements
Expertise in designing, implementing, and managing cloud-based solutions to optimize performance, scalability, and cost-efficiency - Intermediate
Proficiency in implementing and managing cloud security frameworks, compliance standards, and governance models - Intermediate
Ability to understand and articulate various security technologies, including firewalls, endpoint protection, email security, and identity management, to identify and address customer security challenges - Intermediate
Ability to oversee and direct projects to completion, ensuring goals are met, resources are utilized efficiently, and stakeholders are satisfied - Intermediate
Proficiency in implementing and managing DevOps practices, including continuous integration, continuous delivery, infrastructure as code, and monitoring to enhance the collaboration between development and operations teams - Intermediate
Ability to examine, clean, transform, and model data to discover useful information, draw conclusions, and support decision-making - Intermediate
The ability to effectively utilize applications like Word, Excel, PowerPoint, and Outlook to enhance productivity and perform various tasks efficiently. - Intermediate
Competence in managing and maintaining Active Directory, AWS, VMware, and Windows Server platforms. - Intermediate
Proficiency in configuring and supporting operating systems, database platforms, web technologies, secure network setups (VPN configuration), and the ability to recommend new network solutions based on industry trends and best practices. - Intermediate
Practical experience with Security Awareness Training (SAT) platforms like Immersive Labs, KnowBe4, and Ninjio. - Intermediate
Working knowledge and skills with Learning Management Systems such as Docebo, Moodle, SuccessFactors, LearnWorlds, and Blackboard. - Intermediate
Other Requirements
Completed Bachelor's Degree or relevant work experience required
3-5 years of experience working with large organizations on security engineering projects
Ability to travel to SHI, Partner, and Customer Eve
