Senior Vulnerable Machine Engineer

About OffSec

Founded in 2007 by the creators of Kali Linux, OffSec (formerly known as Offensive Security) is the leading provider of continuous professional and workforce development, training, and education for cybersecurity practitioners. OffSec’s distinct pedagogy and practical, hands-on learning help organizations fill the infosec talent gap by training their teams on today’s most critical skills.

Become a part of our global presence and work from anywhere. With team members in over 40 countries, we believe in inspiring people of all backgrounds and communities. The OffSec team is composed of diverse, internationally published authors, conference speakers, and seasoned information technology professionals from both the private sector and governments worldwide.

Excited about our mission and what we do? Apply and join us!

About the Job

Are you experienced with network and system engineering with various operating systems, have earned your OSEP and/or more of our certifications? Are you passionate about sharing your knowledge with others to help train the next generation of cyber security professionals? If researching and identifying attack vectors and creating virtual machines that have engaging content about those attack vectors for individuals to learn and grow, this position might just be right for you!

Duties and Responsibilities

• Identifies topical and relevant vectors to include in the OffSec Labs

• Creates challenging virtual machines out of discovered vectors

• Creates engaging storyline to accompany any created virtual machines

• Coordinates with the Proving Ground teams to validate content additions are consistent with existing storyline

• Coordinates with the Infra team to install and update vulnerable machines

• Coordinates with the machine testing department to validate full testing coverage of all new content

• Coordinates with the Content-Dev team on vector creation and exploit implementation.

• Creates and monitors necessary automation to facilitate quick and repeatable virtual machine deployment

• Evaluates new and emerging products, technologies and make recommendations concerning the introduction of new technologies

• Ensures the selection and variety of available exploits in each lab is commensurate with the difficulty levels required

• Coordinates with the Sales team to ensure the selection of exploits is appropriate for the market audience

• Creates and updates documentation for each vulnerable machine created

  • Any new member of the team should be able to re-create a vulnerable machine from the documentation produced without assistance

• Regularly communicates vulnerable machine additions and deletions

• Actively searches out cross-sell and tie in opportunities with other Offensive Security properties (exploit-db.com, Proving Grounds, etc.)

Qualifications

• OSEP required

• Three to Five (3-5) or more years of experience in the field of, including:

  • Pentesting experience

  • Bug bounty hunting experience

  • Systems engineering in cyber security

  • System administration experience

    • MS Windows, ideally with Active Directory 

    • MS Windows Based Server Systems

    • POSIX Server Systems

    • Linux and Mac desktop environments

    • Scripting in Python or Bash/Powershell required plus basic .NET and VB scripting would be advantageous 

• Systems Engineering, Computer Science, Information Systems, and / or Information Assurance from an accredited institution or related specialized field is preferred.

• Strong written and verbal communication skills with an ability to present technical ideas clearly to technical and non-technical audiences

Work Location and Hours

This role is a full-time salaried position. It is a fully remote position. Work hours for this position are flexible and will be performed from a home office.

Direct Reports

This position has no direct reports.

OffSec provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.