BB&T Suntrust Now Truist Jobs

Careers

Job Information

Truist Red Team Operator in Charlotte, North Carolina

Req ID: R0046622

The position is described below. If you want to apply, click the Apply button at the top or bottom of this page. You'll be required to create an account or sign in to an existing one.

Need Help?

If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email toAccessibilityor call 877-891-2510 (accommodation requests only; other inquiries won't receive a response).

Regular or Temporary:

Regular

Language Fluency: English (Required)

Work Shift:

1st shift (United States of America)

Please review the following job description:

The Truist Red Team conducts full spectrum adversary emulations in order to identify risk and assess the efficacy of controls from the perspective of real-world threat actors. Red Team findings and recommendations have an immediate and direct contribution to the defensive posture of the bank and the security of its customers.

The Red Team Operator will identify risk in the Truist environment through:

• Network Penetration Testing

• Web Application Penetration Testing

• Wireless Penetration Testing

• Social Engineering

• Physical Penetration Testing

As a result, the Red Team Operator will:

  • Have demonstrated experience conducting black box red teaming or penetration testing

  • Have proficiency with penetration testing tools, suites, and frameworks such as Cobalt Strike (Kits included), BurpSuite/OWASP Zap, Metasploit, Nessus, Nmap.

  • Have demonstrated experience with Python, JS, VBA, Bash, batch, Assembly, C/C++, Go, .Net, Java, or custom C2/implant development

  • Possess a strong foundational knowledge of networking, protocols, operating systems, active directory, git, Win32 API’s, and web applications

  • Possess a strong foundational knowledge of network controls (AV, EDR, WAF, etc.) as well as evasion strategies and techniques

  • Possess a foundational knowledge of up-to-date offensive/C2 infrastructure design and development

  • Have demonstrated experience documenting findings and remediation recommendations in a manner understandable to both technical and non-technical stakeholders

  • Be able to communicate findings and remediation recommendations to technical and non-technical stakeholders in a professional and articulate manner

Preferred Skills:

  • Demonstrated experience of cloud-based architectures including Azure and AWS

  • Demonstrated experience conducting cloud penetration testing

  • DFIR Experience

  • Demonstrated experience developing or modifying existing exploits, shellcode, or offensive tools

  • Financial service industry experience

Desired Certifications: OSCP, OSEP, GPEN, GWAPT, eCPPT, eWAPT, CRTO, PNPT, etc.

Desired Education: High School Diploma, Bachelor’s Degree, Master’s Degree

Truist supports a diverse workforce and is an Equal Opportunity Employer who does not discriminate against individuals on the basis of race, gender, color, religion, national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. Drug Free Workplace.

Thank you for your interest in Truist! BB&T and SunTrust have come together in a transformational merger of equals to create Truist, the premier financial organization in the country. You may notice references to our legacy company names, BB&T and SunTrust, in places throughout this site. All such references should be understood to refer to Truist moving forward while we continue to transition to the Truist name.

EEO is the Law Pay Transparency Nondiscrimination Provision E-Verify

© 2017 SunTrust Banks, Inc. All rights reserved.

SunTrust is federally registered service marks of SunTrust Banks, Inc.

DirectEmployers