Senior Security Engineer- Red Team

As a Senior Red Team Member on the Cyber Security team, you will be responsible for conducting Red Team exercises, vulnerability assessments, penetration tests, code reviews, and reporting of these findings to constantly drive security maturity in Medica’s on-premise and cloud environments.

You should have a firm grasp of security, system hardening, networking, penetration testing, red team tactics, threat emulation, system administration, and web application security. The ability to think outside the box and go beyond conventional attack paths and exploits is highly valued by our team.

Key Accountabilities:

• Red Team and Pen Testing Assessments
• Scope and perform penetration testing and vulnerability research of complex software and hardware for client services.
• Perform Red Team campaigns emulating threat actors TTP’s in Medica’s different environments. Detailing activities, vulnerabilities, and risks with the impact to management.
• Identify and assess vulnerabilities in systems and applications. This includes utilizing manual and automated testing methods to find and exploit code flaws, misconfigurations, insecure software, and logic flaws.
• Perform application security assessments and code reviews then meet with code owners to articulate findings and how to address these with secure coding practices.
• Keep cybersecurity training and knowledge current by monitoring the latest security threats and vulnerabilities.
• Write clear and concise reports detailing findings and recommendations.
• Join management and stakeholders on kick-off and discovery sessions to answer questions around the initial assessment and the results of testing.
• Collaboration
• Collaborate with Internal Security teams, Product Owners, Scrum Masters, and management.
• Find innovative solutions to problems to maintain a secure environment.
• Be part of an exciting Cyber Security team that drives the maturity of the company around Information Security.
  

Minimum Requirements:

• Bachelor's degree or equivalent experience in related field
• 10 years work experience beyond degree
• 5 years in IT with 3 years of work as a Red Teamer or Pen Tester
  
  

Preferred Qualifications:

• Strong knowledge of various operating systems (Windows, Linux), networks and cloud infrastructures, especially experience with Linux, Windows, and Active Directory.
• Proficiency in various scripting and programming languages such as Python, JavaScript, PowerShell, or C .
• Experience with Red Team and penetration testing tools and frameworks such as Metasploit, Burp Suite, Nmap, Sqlmap, CrackMapExec, Cobalt Strike, Sliver, Mythic, and Nessus.
• Knowledge of web application security, including experience with web application scanners and manual testing techniques.
• Experience with a variety of security tools and techniques and the ability to write scripts to automate tasks. Understanding of reverse engineering with tools such as GHIRDA, IDA Pro and others.
• Strong communication and report-writing skills.
• A degree or one recognized certification such as the CPTS penetration testing, CompTIA PenTest , OSCP or equivalent work experience is ideal.
• Experience with cloud and container technologies like AWS, Azure, GCP, and Kubernetes.
  
  

This position is a hub-based role which requires onsite presence. Frequency is determined by business need as decided by leadership and may be up to 3 days a week. To be eligible for consideration, candidates must reside within a commuting distance to our Minnetonka, MN Office.

The full salary range for this position is $100,200 - $171,700. Annual salary range placement will depend on a variety of factors including, but not limited to, education, work experience, applicable certifications and/or licensure, the position's scope and responsibility, internal pay equity and external market salary data. In addition to base compensation, this position may be eligible for incentive plan compensation in addition to base salary. Medica offers a generous total rewards package that includes competitive medical, dental, vision, PTO, Holidays, paid volunteer time off, 401K contributions, caregiver services and many other benefits to support our employees.

The compensation and benefits information is provided as of the date of this posting. Medica’s compensation and benefits are subject to change at any time, with or without notice, subject to applicable law.

Medica's commitment to diversity, equity and inclusion (DEI) includes unifying our workforce through learning and development, recruitment and retention. We consistently communicate the importance of DEI, celebrate achievements, and seek out community partnerships and diverse suppliers that are representative of everyone in our community. We are developing sustainable programs and investing time, talent and resources to ensure that we are living our values. We are an Equal Opportunity/Affirmative Action employer, where all qualified candidates receive consideration for employment indiscriminate of race, religion, ethnicity, national origin, citizenship, gender, gender identity, sexual orientation, age, veteran status, disability, genetic information, or any other protected characteristic.