Talent.com
Principal Consultant, Offensive Security, Proactive Services (Unit 42) - Fort Meade

Principal Consultant, Offensive Security, Proactive Services (Unit 42) - Fort Meade

Palo Alto NetworksWashington, DC, United States
30+ days ago
Job type
  • Full-time
Job description

Overview

Our Mission

At Palo Alto Networks® everything starts and ends with our mission :

Being the cybersecurity partner of choice, protecting our digital way of life.

Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.

Who We Are

We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contributes to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included.

As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few!

Your Career

The Principal Consultant on the Offensive Security team is focused on assessing and challenging the security posture across a comprehensive portfolio of clients. The individual will utilize a variety of tools developed and act as a key team member and leader in client engagements. They will be the client’s advocate for cybersecurity best practices and will provide strong recommendations in this domain.

Your Impact

Assist in the development of internal infrastructure design for research, development, and testing focused on offensive security

Conducts periodic scans of networks to find and detect vulnerabilities

Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools

Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel

Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients

Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements

Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems. (mobile application testing, penetration testing, application, security, and hardware testing)

Conduct threat hunting and / or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Unit 42 and Palo Alto Networks’ threat hunting tools (and / or client owned hunting instrumentation where applicable)

Assist Unit 42 Leadership in the development of security standards and best practices for the organization and recommend security enhancements as needed

Able to conduct cyber risk assessments using frameworks or standards like NIST CSF, ISO 27001 / 2, PCI, CIS Top 20, CMMC, or other industry measurement tools

Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weaknesses after receiving permission from client stakeholders

Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach

Ability to perform travel requirements as needed to meet business demands (on average 30%)

Your Experience

6+ years of professional experience in an offensive security role, resulting in subject matter expertise in at least three core service offerings - network penetration testing, phishing, web application penetration testing, red team exercises, physical penetration tests, source code analysis, wireless penetration testing

Experience managing a team of consultants

Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)

Ability to modify known and / or craft custom exploits in a manner that evades detection from prominent EDRs

Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing

Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities

Knowledge and experience in conducting cyber risk assessments using industry standards

Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)

Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C / C++, C#, or Java

Experience with industry standard tools, including Nessus, OpenVAS, Mythic, Metasploit, Burp Suite Pro, Cobalt Strike, and Bloodhound

Knowledge of application, database, and web server design and implementation

Knowledge of network vulnerability assessments, web and cloud application security testing, network penetration testing, red teaming, security operations, or 'hunt'

Knowledge of open security testing standards and projects, including OWASP & MITRE ATT&CK

Ability to scope new opportunities with prospective clients, including drafting statements of work and proposals

Identified ability to grow into a valuable contributor, specifically

have an external presence via public speaking, conferences, and / or publications

have credibility, executive presence, and gravitas

be able to have a meaningful and rapid delivery contribution

have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products

be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team

Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience or equivalent military experience to meet job requirements and expectations

Mandatory DoD Security Clearance Requirements

This position requires an active DoD clearance at the Top Secret / Sensitive Compartmented Information (TS / SCI) level; Counterintelligence Scope Polygraph preferred but not required

Mandatory Location and Onsite Support Requirements

All applicants must live near a major US military installation to facilitate support for an ongoing DoD contract; close proximity to Fort Meade is preferred. Any proposed military installation other than Fort Meade shall be subjected to approval by our client. Questions regarding approved locations can be coordinated with either the PANW recruiter or Unit 42 interviewers during the early phases of a candidate’s evaluation process.

The candidate will be required to work onsite within a classified workspace at a US military installation for the first year of employment. Continued onsite work may be required in response to client requirements or contract renewal.

The Team

Unit 42 Consulting is Palo Alto Network's security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders with deep technical expertise and experience in investigations, data breach response, digital forensics, and information security. With a highly successful track record of delivering mission-critical cybersecurity solutions, we are experienced in working quickly to provide an effective incident response, attack readiness, and remediation plans with a focus on providing long-term support to improve our clients’ security posture.

Compensation Disclosure

The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales / commissioned roles) is expected to be between $151000 - $208000 / YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here (http : / / benefits.paloaltonetworks.com / ).

Our Commitment

We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple : we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

#J-18808-Ljbffr

Create a job alert for this search

Principal Consultant • Washington, DC, United States

Related jobs
  • Promoted
  • New!
Security Engineer, Federal Assurance

Security Engineer, Federal Assurance

Scale AI, Inc.Washington, DC, United States
Full-time
Compensation packages at Scale for eligible roles include base salary, equity, and benefits.The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for...Show moreLast updated: 6 hours ago
  • Promoted
Senior IT Security Engineer

Senior IT Security Engineer

VirtualVocationsBaltimore, Maryland, United States
Full-time
A company is looking for a Senior IT Security Operations Engineer.Key Responsibilities Monitor, detect, analyze, and respond to security events and incidents using various security tools Conduct...Show moreLast updated: 2 days ago
  • Promoted
Physical Security Advisor

Physical Security Advisor

Oceaneering International, Inc.Hanover, MD, United States
Full-time
Oceaneering Technologies (OTECH) develops, manufactures, and operates customized marine systems, shipboard equipment, subsea vehicles, and engineered solutions for commercial and U.Oceaneering Aero...Show moreLast updated: 5 days ago
  • Promoted
Security Engineer (Infrastructure), Public Sector

Security Engineer (Infrastructure), Public Sector

Scale AI, Inc.Washington, DC, United States
Full-time
Scale is a vital part of bringing AI-enabled technologies to the world, from autonomous driving to drones, robots, and large language models. For example, Scale works with the world's top self-drivi...Show moreLast updated: 30+ days ago
  • Promoted
  • New!
Incident Engagement Manager

Incident Engagement Manager

VirtualVocationsAlexandria, Virginia, United States
Full-time
A company is looking for an Incident Engagement Manager.Key Responsibilities Coordinate Business Email Compromise (BEC) and Data Mining projects from initiation to completion Ensure documentatio...Show moreLast updated: 14 hours ago
  • Promoted
Senior Security Program Manager

Senior Security Program Manager

VirtualVocationsBaltimore, Maryland, United States
Full-time
A company is looking for a Sr Security Technical Program Manager, Remote.Key Responsibilities Oversee and manage security initiatives across all security pillars Create project plans and support...Show moreLast updated: 30+ days ago
  • Promoted
Security Analyst Consultant

Security Analyst Consultant

VirtualVocationsBaltimore, Maryland, United States
Full-time
A company is looking for a Security Analyst - Consultant.Key Responsibilities Champion DevSecOps through security automation by designing, implementing, and maintaining security tools Monitor an...Show moreLast updated: 1 day ago
  • Promoted
Defensive Cyber Operations (DCO) Systems Manager

Defensive Cyber Operations (DCO) Systems Manager

LeidosOdenton, MD, US
Full-time
Leidos has a current job opportunity for a.Defensive Cyber Operations (DCO) Systems Manager.DISA GSM-O II program supporting the DISA Joint Operations Center (DJOC) embedded with.DISA Headquarters,...Show moreLast updated: 12 days ago
  • Promoted
Program Security Supervisor

Program Security Supervisor

The Johns Hopkins University Applied Physics LaboratoryLaurel, MD, United States
Full-time
Are you searching for an exciting security professional position as a leader of security staff engaged in activities designed to meet and maintain Department of Defense (DoD) Special Access Program...Show moreLast updated: 30+ days ago
  • Promoted
Senior Corporate Security Engineer

Senior Corporate Security Engineer

VirtualVocationsBaltimore, Maryland, United States
Full-time
A company is looking for a Senior Corporate Security Engineer to enhance enterprise security operations.Key Responsibilities Manage and optimize Sumo Logic SIEM for threat detection and investiga...Show moreLast updated: 28 days ago
  • Promoted
Workday Security Analyst

Workday Security Analyst

VirtualVocationsAlexandria, Virginia, United States
Full-time
A company is looking for a Workday Security Analyst to configure, maintain, and advise on security within the Workday application ecosystem. Key Responsibilities Manage Workday security configurat...Show moreLast updated: 1 day ago
  • Promoted
  • New!
Blue Team Security Engineer

Blue Team Security Engineer

VirtualVocationsAlexandria, Virginia, United States
Full-time
A company is looking for a Security Engineer, Blue Team.Key Responsibilities Conduct security risk assessments of third parties and evaluate supplier security risks Build security tooling and au...Show moreLast updated: 6 hours ago
  • Promoted
  • New!
Security Professional - Armed Government Patrol License

Security Professional - Armed Government Patrol License

Allied UniversalAlexandria, VA, United States
Full-time
Security Professional - Armed Government Patrol License.Wednesday, Thursday, Friday, Saturday.Allied Universal, North America's leading security and facility services company, offers rewarding care...Show moreLast updated: 18 hours ago
  • Promoted
FIPS 140 Security Engineer

FIPS 140 Security Engineer

ALTA IT ServicesColumbia, MD, US
Permanent
Job Title : FIPS 140 Security Engineer Location : Columbia, Maryland Type : Contract To Hire Compensation : $62.Contractor Work Model : Remote Security Clearance : No active clearance is required.Citizen...Show moreLast updated: 5 days ago
  • Promoted
  • New!
Security Projects Specialist - Sinai Hospital

Security Projects Specialist - Sinai Hospital

LifeBridge HealthBaltimore, MD, US
Part-time
Security Projects Specialist - Sinai Hospital \n \n \n \n \n.Part-time w / Weekend Commitment - Day shift - 8 : 00am-4 : 30pm\n. Apply Now\n \n \n \n\n \n \n \n\n \n \n\n \n Save Job\n Saved\n \n.Plays a ...Show moreLast updated: 1 hour ago
  • Promoted
AI Security Engineer

AI Security Engineer

VirtualVocationsAlexandria, Virginia, United States
Full-time
A company is looking for a Security Engineer with a focus on AI.Key Responsibilities Support ongoing security operations including monitoring, incident response, and risk assessment Assess and m...Show moreLast updated: 30+ days ago
  • Promoted
  • New!
Security Engineer (Palo Alto XSOAR)

Security Engineer (Palo Alto XSOAR)

VirtualVocationsAlexandria, Virginia, United States
Full-time
A company is looking for a Security Engineer (Palo Alto XSOAR).Key Responsibilities Oversee Palo Alto XSOAR architecture, implementation, and troubleshooting Develop log ingestion and aggregatio...Show moreLast updated: 12 hours ago
  • Promoted
Senior Threat Intelligence Manager

Senior Threat Intelligence Manager

VirtualVocationsBaltimore, Maryland, United States
Full-time
A company is looking for a Sr Manager, Threat Intelligence to lead proactive cyber defense efforts through intelligence-driven strategies. Key Responsibilities Lead and mentor a team of threat int...Show moreLast updated: 1 day ago
  • Promoted
Workday Security Architect

Workday Security Architect

VirtualVocationsAlexandria, Virginia, United States
Full-time
A company is looking for a Workday Security Architect to lead the redesign and optimization of a large enterprise Workday security environment. Key Responsibilities Lead design sessions with stake...Show moreLast updated: 1 day ago
  • Promoted
Senior Cloud Security Architect

Senior Cloud Security Architect

VirtualVocationsAlexandria, Virginia, United States
Full-time
A company is looking for a Senior Information Security Architect (Remote).Key Responsibilities Develop and implement a comprehensive cloud security strategy aligned with organizational goals and ...Show moreLast updated: 30+ days ago