Talent.com
Sr. Security Consultant - Offensive Security
Sr. Security Consultant - Offensive SecuritySHI • Saint Paul, MN, US
No longer accepting applications
Sr. Security Consultant - Offensive Security

Sr. Security Consultant - Offensive Security

SHI • Saint Paul, MN, US
14 days ago
Job type
  • Full-time
Job description

About Us

As a digital and cybersecurity services company, Stratascale exists to help the Fortune 1000 transform the way they use technology to advance the business, generate revenue, and respond quickly to market demands. We call it Digital Agility.

To learn more about how we're shaping the future of digital business and a more secure world, visit stratascale.com.

Job Description Summary

The Senior Security Consultant - Offensive Security is a critical role within Stratascale's Adversarial Operations team who will assist in leading and supporting the development and delivery of a diverse range of continuous threat and exposure management consulting, penetration testing, and operational service programs to a portfolio of our clients.

The Security Consultant supports the development and delivery of a diverse range of continuous threat and exposure management consulting, penetration testing, and operational service programs to a portfolio of our clients. This role involves developing governance models, collaborating with sales and technical teams, delivering training content, and staying informed on industry trends to ensure successful solution delivery and continuous improvement in security practices.

This position is remote with a Home Office setup as determined by Stratascale management.

Role Description

  • Perform penetration testing against complex environments covering both external, internal, web application, and other forms of offensive security engagements.
  • Consult and document attack surface, threats, and vulnerability improvements based on team's overall assessment of client's environment.
  • Perform full assessment and threat modeling against industry best practices to identify control weaknesses and assess the effectiveness of existing controls.
  • Perform root cause analysis on identified vulnerabilities and attack surface weaknesses to determine technical solutions to be presented to client along with recommendations for remediations.
  • Collaborate with client's security teams to understand mitigation or resolutions for findings discovered by analysts.
  • Review threat intelligence for specific threat vectors that align with client's industry or potentially impacted by to utilize in attack path modeling.
  • Assist in defining, measuring, and quantifying business risk and vulnerability impacts to clients and their stakeholders.
  • Provide subject matter expertise and technical support on remediation, cloud security, governance, compliance, and core infrastructure systems.
  • Assist customers with strategies, use of platforms, technical and compliance analysis, and implementing automation.
  • Develop and deliver governance models, security frameworks, compliance reporting, and security assessments.
  • Collaborate with internal sales and technical teams to support the solution sales cycle, qualify opportunities, and ensure successful solution delivery.
  • Identify customer needs and requirements, recommend appropriate solutions, and proactively identify areas for improvement.
  • Execute consulting projects by creating and completing deliverables, ensuring client needs and practice obligations are met.
  • Develop and deliver training content, curricula, and workforce development programs, including in-person and remote sessions.
  • Participate in customer and internal meetings, providing technical guidance and facilitating discussions.
  • Stay educated on new product technologies, industry trends, and emerging capabilities within the practice.
  • Develop and optimize cross-practice capabilities, collaborate with peer practice leaders, and mentor other consultants.

Behaviors and Competencies

  • Communication : Can effectively communicate complex ideas and information to diverse audiences, facilitate effective communication between others, and mentor others in effective communication.
  • Relationship Building : Can take ownership of complex team initiatives, collaborate with diverse groups, and drive results through effective relationship management.
  • Self-Motivation : Can take ownership of complex personal or professional initiatives, collaborate with others when necessary, and drive results through self-motivation.
  • Negotiation : Can take ownership of complex negotiations, collaborate with others, and drive consensus.
  • Impact and Influence : Can rally a team or group towards a common goal, creating a positive and persuasive influence.
  • Business Development : Can take ownership of significant business initiatives, collaborate with various stakeholders, and drive business results.
  • Emotional Intelligence : Can use emotional information to guide thinking and behavior, manage and / or adjust emotions to adapt to environments or achieve one's goal(s), and help others do the same.
  • Detail-Oriented : Can oversee multiple projects, maintaining a high level of detail orientation, identifying errors or inconsistencies in work, and ensuring accuracy across all tasks.
  • Follow-Up : Can take ownership of tasks, collaborate with others in managing follow-ups, and drive results through effective task completion.
  • Presenting : Can effectively use visual aids, storytelling, and persuasive techniques to enhance presentations and engage audiences.
  • Delegation : Can delegate responsibilities across a team, balancing workload, and ensuring all members understand their roles.
  • Analytical Thinking : Can use advanced analytical techniques to solve complex problems, draw insights, and communicate the solutions effectively.
  • Critical Thinking : Can integrate and synthesize information from various sources to inform strategic decision-making and problem-solving.
  • Technical Troubleshooting : Can take ownership of complex technical problems, collaborate with others to manage solutions, and drive results in problem resolution.

    • Skill Level Requirements

  • Expertise in planning, executing, and leading penetration tests across networks, web and mobile applications, APIs, wireless, and cloud environments, including scoping, rules of engagement, and debriefs. - Intermediate
  • Proficiency with offensive security methodologies and frameworks such as PTES, OWASP (WSTG / MASVS / ASVS), MITRE ATT&CK, and threat modeling to drive risk-based testing. - Intermediate
  • Deep hands-on experience with common offensive tooling and techniques, including reconnaissance, enumeration, exploitation, post-exploitation, lateral movement, and data exfiltration, along with strong operational security practices. - Intermediate
  • Ability to assess and attack cloud services (AWS, Azure, GCP) including IAM misconfigurations, storage, serverless, container / orchestration, and cloud networking, and communicate cloud-specific remediation guidance. - Intermediate
  • Strong web application testing skills including auth flows, access control, injection, deserialization, SSRF, XXE, business logic abuse, and modern app architectures (SPAs, microservices, GraphQL, WebSockets). - Intermediate
  • Working knowledge of Active Directory and Azure AD attack paths (Kerberoasting, constrained / unconstrained delegation, ACL abuses, LAPS / MAPS, certificate services), and the ability to simulate realistic enterprise attack chains. - Intermediate
  • Proficiency with social engineering and phishing engagements, including payload development, infrastructure setup, pretexting, and measurement aligned to customer policies and legal constraints. - Intermediate
  • Competence in scripting and automation to accelerate testing and proof-of-concept development using Python, PowerShell, Bash, and basic Go or JavaScript as needed. - Intermediate
  • Ability to develop clear exploit proofs-of-concept, reproduce vulnerabilities reliably, and validate fixes; familiarity with exploit development fundamentals is a plus. - Intermediate
  • Strong reporting and communication skills, including writing executive summaries and technical reports with reproducible steps, risk ratings, and actionable remediation, and presenting findings to both technical and non-technical stakeholders. - Intermediate
  • Experience collaborating in red / purple team exercises, working with blue teams, and translating findings into detection and hardening recommendations (e.g., SIEM detections, EDR tuning, hardening baselines). - Intermediate
  • Familiarity with vulnerability management workflows, responsible disclosure practices, and integration of pen test results into remediation programs and retesting cycles. - Intermediate
  • Proficiency with productivity and documentation tools such as Word, Excel, PowerPoint, and Outlook to efficiently produce statements of work, test plans, and final reports. - Intermediate

    • Other Requirements

  • Completed Bachelor's Degree in a related field or relevant work experience required
  • 5–7 years of hands-on penetration testing / red team experience delivering engagements for mid-to-large enterprises, including leading complex assessments.
  • Ability to travel to SHI, Partner, Customer events, and on-site testing engagements as needed.
  • Advanced industry certifications preferred (e.g., OSCP, OSEP, OSWE, GXPN, GPEN, CRTO, CRTP, PNPT; CISSP or CSSLP a plus).
  • Demonstrated understanding of legal / ethical considerations, testing authorization, and safe handling of client data

    • The estimated annual pay range for this position is $165,000 - $205,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending.

    Equal Employment Opportunity – M / F / Disability / Protected Veteran Status

    J-18808-Ljbffr

    Create a job alert for this search

    Security Security • Saint Paul, MN, US

    Related jobs
    Cortex XSIAM Consultant

    Cortex XSIAM Consultant

    VirtualVocations • Saint Paul, Minnesota, United States
    Full-time
    A company is looking for a Cortex XSIAM Consultant to join a premier cyber security organization remotely.Key Responsibilities Serve as a Technical Consultant for clients implementing Cortex XSIA...Show more
    Last updated: 30+ days ago • Promoted
    Senior Security Consultant (AI / ML Penetration Testing)

    Senior Security Consultant (AI / ML Penetration Testing)

    NetSPI LLC • Minneapolis, MN, US
    Full-time
    NetSPI® is an award-winning pioneer of Penetration Testing as a Service (PTaaS) with its AI-powered platform supported by more than 350 in-house cybersecurity experts.Specializing in 50+ pentes...Show more
    Last updated: 30+ days ago • Promoted
    Executive Services, Lead Corp Security Consultant

    Executive Services, Lead Corp Security Consultant

    Roundel • Minneapolis, MN, United States
    Full-time
    Job Title : Executive Services Lead Consultant • • • •Classification : Exempt • • • •Date : August 2025 • •Target is an iconic brand, a Fortune 50 company and one of America’s leading retailers.Working at Targe...Show more
    Last updated: 30+ days ago • Promoted
    Cyber Security Consultant

    Cyber Security Consultant

    Enhanced Information Solutions • Stillwater, MN, US
    Full-time
    Are you a motivated, technical Cybersecurity professional with experience in Industrial Control System (ICS) and Operational Technology (OT) environments? As a Cybersecurity Consultant for Enhanced...Show more
    Last updated: 30+ days ago • Promoted
    Security Solutions Technician

    Security Solutions Technician

    Century Security Solutions • Forest Lake, MN, US
    Full-time
    At Century Companies, our success is measured in centuries.Since 1917, our longer time horizon has lifted the company off the conventional treadmill of success and on a journey of significance putt...Show more
    Last updated: 7 days ago • Promoted
    Lead Security Engineer (Minneapolis)

    Lead Security Engineer (Minneapolis)

    Glocomms • Minneapolis, MN, US
    Part-time
    Glocomms is partnering with a fast growing health tech organization to search for a Lead Security Engineer to spearhead the design, implementation, and management of security systems that protect o...Show more
    Last updated: 8 days ago • Promoted
    Overnight Security Specialist

    Overnight Security Specialist

    Factory Motor Parts Co • Eagan, MN, United States
    Full-time
    Under general supervision, this position provides armed security at FMP's headquarters and performs routine security duties to protect individuals, property, and assets across multiple Factory Moto...Show more
    Last updated: 30+ days ago • Promoted
    Principal Security Consultant

    Principal Security Consultant

    VirtualVocations • Saint Paul, Minnesota, United States
    Full-time
    A company is looking for a Principal Security Consultant.Key Responsibilities Provide expert security consulting services to clients Develop and implement security strategies and solutions Cond...Show more
    Last updated: 30+ days ago • Promoted
    Director Technology - Network Security

    Director Technology - Network Security

    Target • Brooklyn Park, MN, US
    Full-time
    Pay is based on several factors which vary based on position.These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Tar...Show more
    Last updated: 2 days ago • Promoted
    Security Specialist

    Security Specialist

    City of Minneapolis • Minneapolis, MN, United States
    Full-time
    This position, equivalent to a Security Officer, provides essential uniformed security services for facilities owned and operated by the City of Minneapolis. Duties include patrolling, responding to...Show more
    Last updated: 15 days ago • Promoted
    XSOAR Consultant

    XSOAR Consultant

    VirtualVocations • Saint Paul, Minnesota, United States
    Full-time
    A company is looking for a Remote XSOAR Consultant (Automation).Key Responsibilities Collaborate with the technical lead to develop a log ingestion strategy Create high-quality correlation rules...Show more
    Last updated: 30+ days ago • Promoted
    Senior Offensive Security Engineer

    Senior Offensive Security Engineer

    VirtualVocations • Saint Paul, Minnesota, United States
    Full-time
    Offensive Security Engineer to expand its red team.Key Responsibilities Conduct Red Team assessments and identify vulnerabilities in software, systems, and networks Develop reports and presentat...Show more
    Last updated: 30+ days ago • Promoted
    Director, Cyber Security

    Director, Cyber Security

    KPMG • Minneapolis, MN, United States
    Full-time
    KPMG Advisory practice is currently our fastest growing practice.We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market envi...Show more
    Last updated: 30+ days ago • Promoted
    Security Officer - Armed - Open Availability

    Security Officer - Armed - Open Availability

    Allied Universal • Minneapolis, MN, US
    Full-time
    Allied Universal, North America's leading security and facility services company, offers rewarding careers that provide you a sense of purpose. While working in a dynamic, welcoming, and collaborati...Show more
    Last updated: 23 days ago • Promoted
    Security Consultant II (AI / ML)

    Security Consultant II (AI / ML)

    NetSPI LLC • Minneapolis, MN, US
    Full-time
    NetSPI® is an award-winning pioneer of Penetration Testing as a Service (PTaaS) with its AI-powered platform supported by more than 350 in-house cybersecurity experts.Specializing in 50+ pentes...Show more
    Last updated: 30+ days ago • Promoted
    Cyber Security Consultant

    Cyber Security Consultant

    VirtualVocations • Saint Paul, Minnesota, United States
    Full-time
    A company is looking for a Senior Cyber Security Consultant.Key Responsibilities Lead the design and implementation of advanced PAM workflows Assist in integrating privileged accounts into the B...Show more
    Last updated: 15 days ago • Promoted
    Senior Security Solutions Architect

    Senior Security Solutions Architect

    VirtualVocations • Saint Paul, Minnesota, United States
    Full-time
    A company is looking for a Senior Security Solutions Engineer specializing in Zero Trust and Cloud Security.Key Responsibilities Partner with sales teams to drive pipeline and close deals for Zsc...Show more
    Last updated: 29 days ago • Promoted
    Security Officer

    Security Officer

    Securian • Saint Paul, MN, United States
    Full-time
    At Securian Financial, the internal title for this position is Security Sr Representative.Securian is looking to add an afternoon Security Officer to our team. The officer will be a key member of a ...Show more
    Last updated: 9 hours ago • Promoted • New!