Strong knowledge of current adversary techniques, tactics, and procedures
Hands-on experience performing penetration testing on large enterprise Windows networks
Thorough understanding of network protocols, data on the wire
Knowledge of common protocols such as HTTP, LDAP, KERBEROS, RPC, SSL, SSH etc.
Fundamental understanding of OS internals, memory allocators etc
Good knowledge of operating system internals, especially those relevant to authentication, access control, active directory and other facets of security
Proficiency in at least one scripting language (bash, python, powershell, etc.)
Ability to read, and audit C, C++
Autodidact and self-motivated
Ability to document and explain technical details in a concise, understandable manner
Preferred Skills and Experience:
Bachelor’s degree in a technical field
C++, C#, JavaScript Programming Experience
Experience in developing, extending, or modifying exploits, shellcode or exploit tools
Understanding of scale and performance aspects of real-time serving systems
Source code review for control flow and security flaws
Proficiency in using IDA Pro, Ollydbg/Immdbg, Windbg and/or other software analysis/debugging tools
Reverse engineering malware, data obfuscators, or ciphers
Industry certifications to include (but not limited to): OSCP, OSCE, GPEN
Experience with AWS/GCP/Azure