Lead Offensive Research and Development Engineer (Remote)

Company: The Home Depot
Location: Hollywood
Posted on: November 18, 2021

Job Description:

POSITION PURPOSE The Home Depot is able to offer virtual employment of this position in the following states: AL, AK, AZ, AR, DE, DC, FL, GA, HI, ID, IL, IN, IA, KS, KY, LA, ME, MD, MA, MI, MN, MS, MO, MT, NE, NH, NJ, NM, NY, NC, ND, OH, OK, OR, PA, RI, SC, SD, TN, TX, UT, VT, VA, WA, WV, WI, WYThe Red Team R&D position is responsible for offensive security research, as well as tool and TTP capability development for technical engagements. As an example, this position will extend various technical capabilities like developing payloads and tools/TTPs that bypass current security controls, as well as development of exploits to assist Red Team operators throughout the attack chain during full-scope engagements.MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES 20% - Strategy & Planning:

• Researches and analyzes business trends and behavioral data to identify opportunities for improvements and new initiatives
• Leads the evaluation, development, and recommendation of specific technology products and platforms to provide cost-effective solutions that meet business and technology requirements
• Researches and designs best fit infrastructure, network, database, and security architectures for products
• Proactively creates and maintains tools for monitoring and support
• Participates in project planning and management across multiple efforts
• Develops formal training courses30% - Delivery & Execution:
  • Leads configuration, debugging, and support for infrastructure
  • Leads field and corporate roll-outs of technology
  • Leads the stand up of necessary system software, hardware, and equipment (physical or virtual) to meet changing infrastructure needs
  • Creates and optimizes specifications for technology solutions
  • Produces and manages purchase requests for hardware and software40% - Support & Enablement:
    • Collaborates with product and project teams to understand needs and enable them with infrastructure
    • Supports technology architecture design review efforts for project and product teams
    • Leverages tooling and custom applications to monitor the operational status of applications, infrastructure, networks, databases, and security; optimizes and tunes performance as appropriate
    • Drives root cause analysis, debugging, support, and post-mortem analysis for security incidents and service interruptions
    • Maintains, upgrades, and supports existing systems and infrastructure to ensure operational stability
    • Acts as a vendor liaison, owning resourcing, issue management, and documentation
    • Leads the production of in-house documentation around solutions
    • Monitors tools and proactively helps teams struggling with systems issues
    • Provides application support for software running in production
    • Creates scripts and tools that drive automation and enable product teams and end users to move towards self service
    • Acts as a mentor to more junior Systems Engineers10% - Learning:
      • Keeps abreast of innovations and industry trends as well as changes to internal systems and determines how they impacts tools, training, and support necessary to keep systems up, running, and secure
      • Participates in and contributes to learning activities around modern systems engineering core practices (communities of practice)
      • Proactively views articles, tutorials, and videos to learn about new technologies and best practices being used within other technology organizationsNATURE AND SCOPE Typically reports to the Systems Engineer Manager or Sr. Manager. Environment: Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. Travel: Typically requires overnight travel less than 10% of the time.MINIMUM QUALIFICATIONS Must be eighteen years of age or older. Must be legally permitted to work in the United States. Education Required: The knowledge, skills and abilities typically acquired through the completion of a bachelor's degree program or equivalent in a field of study related to the job. Years of Relevant Work Experience: 5+-years Physical Requirements: Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles. Preferred Qualifications:
        • Solid experience with researching, developing, and weaponizing offensive security TTPs, to include lateral movement and persistence
        • Proficient in vulnerability analysis, fuzzing, reverse engineering, exploit development, assembly, and C/C++ programming
        • Fluent in C or C++, Assembly (x86/x64 and/or ARM/ARM64), and scripting languages (Python, Bash)
        • Extensive knowledge of operating systems internals (Windows, macOS or Linux)
        • Experience developing user mode or kernel mode exploits on modern platforms (Windows, macOS, Linux)
        • Strong understanding of modern security mitigations and how to bypass them (e.g., Stack Cookies, SafeSEH, DEP, ASLR, CFG,- etc.)
        • Proficient with reverse engineering using tools such as WinDBG, GDB, IDA Pro, Binary Ninja and Ghidra
        • Comprehensive knowledge of different bug classes and offensive exploitation techniques (e.g., integer/stack/heap overflows, use-after-free bugs, info leaks, type confusions)
        • Solid experience developing exploits and standalone PoCs
        • Comprehensive knowledge on bypassing endpoint security controls to include EDR, DLP, AV
        • Understands
        • Understands
        • Capable of source code review, as well as running web application assessmentsAdditional Qualifications:
          • Willingness to lead
          • Highly technical with solid grasp of security basics
          • Advanced subject matter expertise in 1-2 core offensive security areas
          • Ability to manage complex projects
          • Excellent communication skills
          • Capable of presenting technical subjects to non-technical audience
          • Provides mentorship
          • Preferred Certifications: OSCE, OSEP, OSWE, OSEE
          • Active in security community and contributes to open-source projects
          • 3-5 years of professional experience in IT or Cybersecurity
          • History of GitHub commits for personal projects
          • Knowledge of multiple programing languages
          • Published CVEs
          • Attends security conferences like Black Hat & DEF CON
          • Participates in CTF eventsKnowledge, Skills, Abilities and Competencies:
            • Cultivates Innovation: Creating new and better ways for the organization to be successful
            • Action Oriented: Taking on new opportunities and tough challenges with a sense of urgency, high energy, and enthusiasm
            • Business Insight: Applying knowledge of business and the marketplace to advance the organization s goals
            • Collaborates: Building partnerships and working collaboratively with others to meet shared objectives
            • Communicates Effectively: Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences
            • Drives Results: Consistently achieving results, even under tough circumstances
            • Global Perspective: Taking a broad view when approaching issues; using a global lens
            • Interpersonal Savvy: Relating openly and comfortably with diverse groups of people
            • Manages Ambiguity: Operating effectively, even when things are not certain or the way forward is not clear
            • Optimizes Work Processes: Knowing the most effective and efficient processes to get things done, with a focus on continuous improvement
            • Self-Development: Actively seeing new ways to grow and be challenged, using both formal and informal development channels
            • Situational Adaptability: Adapting approach and demeanor in real time to match the shifting demands of different situations
              Pay Rate: -

Keywords: The Home Depot, Hollywood , Lead Offensive Research and Development Engineer (Remote), Engineering , Hollywood, Florida