Red Team Senior Analyst, Cybersecurity (Hybrid) - New Jersey, Mahwah 325 Corporate Dr

Work Flexibility: Hybrid

As a Red Team Security Analyst at Stryker you will have a strong understanding in multiple domains. You will work closely with teams throughout Information Security, as well as provide technical leadership and advice to teams and leaders throughout Stryker with a variety of business verticals to understand how we operate at a deep, technical level.  You will leverage the knowledge you gain about Stryker to find new ways to break services, processes, and technologies throughout the company.

The Red Team performs real world threat emulation with the continual goals of improving organizational readiness, providing advanced simulation for defensive teams, and assessing current control performance for critical Stryker assets.

Who we want

Effective communicators. People who can interpret information clearly and accurately to concisely communicate results and recommendations to stakeholders, senior management, and their teams.

Subject matter experts. Managers who not only oversee the collection, review, and analysis of data but can interpret, translate, and present on all various matters as needed.

Quality-focused team drivers. People who push their team to deliver the highest quality products and solutions in a timely manner.

What you will do

• Perform independent research and ongoing study to continuously develop and upskill technical knowledge and capabilities.
• Perform Vulnerability Assessments and manual validation of vulnerabilities, as required, and conduct all phases of Penetration Tests and Red Team engagements throughout Stryker independently, or as part of a team.
• Create detailed Operations engagement plans and conduct associated research and scoping and maintain accurate logs of engagements, and step-by-step documentation of testing efforts.
• Develop accurate, comprehensive reports and debriefs for both executive and technical audiences.
• Simulate adversary Tactics, Techniques, and Procedures (TTPs) by leveraging frameworks such as MITRE ATT&CK, Cyber Kill Chain, and other sources of information.
• Configure payloads, scripts, and tools to fulfill needs of the team.
• Keep current with the latest offensive security TTP’s as correlated with threat intelligence and industry trends.
• Participate in meetings to assist and guide stakeholders in efforts, such as remediation of vulnerabilities.
• Work with Blue Team members to help both teams understand and improve detection and response.

What you need

• Bachelor’s degree or equivalent professional experience (6+ years) required.
• Bachelor’s in Computer Science or related field preferred.
• Must be able to demonstrate hands-on Penetration testing methodology in a live evaluation.
• 2+ years of professional experience required.
• 1+ year work experience in an IT, Cybersecurity, or Software Development field required.
• 1+ Hands-on certification, specifically PJPT, eJPT, PNPT, OSCP, CPTS, eCPPT, GPEN, GWAPT, OSWA, or Burp Suite Certified Professional are strongly preferred (other certifications or training completed considered on a case-by-case basis, if based on hands-on skills.
• Knowledge and understanding in 2+ security domains (e.g., security engineering, system and network security, authentication and security protocols, cryptography, application security, incident response, access control, penetration testing) required.
• Strong knowledge of Networking and Active Directory fundamentals required.
• Experience in a Red Teaming or Penetration testing role, including various types (e.g., network, AD, web app, API, cloud, iOT, Wifi, hardware, physical, social engineering, reverse engineering preferred.
• Experience with common Operating Systems (Linux, Windows Server) required, MacOS also preferred.
• Experience writing scripts in two or more scripting and development languages like (e.g., Bash, PowerShell, Python, Ruby, C/C++, Java, .NET, JavaScript) preferred.

Travel Percentage: 20%

Stryker Corporation is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status. Stryker is an EO employer – M/F/Veteran/Disability.

Stryker Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.