We Believe in Better!

We are a global information technology company that builds high-performance, security-centric solutions that can help change the world. Enhancing people's lives through secure, reliable advanced technology is our vision.

At Unisys, we believe in better! Here, you have the opportunity to learn new skills, apply your expertise, and solve complex problems with cutting edge technologies and solutions. You are part of a global diverse team that supports you, drives change, and delivers successful results consistently.

Our associates are at the forefront of everything we do, driving our clients' successes while giving back to communities and making this world a safer and more secure place to live and work. Our success is a direct result of the work of our people who live and breathe our .Simply put, we believe in better lives. Join us!

Learn more about Unisys and our key solution offerings: , , ,

What success looks like in this role:

Specifically, the Candidate will be responsible for:

• To be a key technical resource for various projects and IT teams, to provide sign off for testing documentation, or to assist in the testing solutions.
• To lead the evaluation of target systems, including developing threat models, conducting security analysis and testing, demonstrating vulnerabilities and documenting the results.
• Perform assessments of different types of information systems (web, OS, mobile, IoT, etc.) and networks to determine the effectiveness of defense-in-depth architecture against known vulnerabilities based on policies and industry best practices. Works with stakeholders, assists with remediation solutions, and compares and contrasts various system attack techniques and develops operationally effective countermeasures.

Additional Responsibilities will include:

• Perform network penetration and manipulation of network infrastructure; web and mobile application testing; source code reviews; threat analysis; wireless network assessments; and social-engineering assessments.
• Scripting or automation of simple tasks using various scripting and programming tools as needed.
• Developing, extending, or modifying exploits, shellcode or exploit tools.
• Reverse engineering malware, data obfuscators, or ciphers.
• Strong knowledge of tools used for wireless, web application, and network security testing.
• Thorough understanding of network protocols, data on the wire, and covert channels.
• Performs penetration testing using standard penetration tools (Metasploit, Nmap, Nessus, Burp Suite, etc.).
• Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities.
• Contributes to developing and implementing tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying risk.
• Selects, installs, and configures security testing platforms and tools or develop tools and procedures for penetration tests.
• Provide regular risk briefings to senior management on findings and develop remediation approaches and recommendations to improve cybersecurity posture.
• Conduct hands-on technical testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments, such as Windows or Unix/Linux.
• Conduct scenario-based security testing or red teaming to identify gaps in detection and response capabilities.
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
• Effectively communicate findings and strategy to client stakeholders including technical staff and executive leadership.
• Recognize and safely utilize attacker tools, tactics, and procedures.
• Develop scripts, tools, or methodologies to enhance red teaming processes.
• Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff.

You will be successful in this role if you have:

• Bachelor's Degree from an accredited college or university (or additional eight (8) years of related experience in lieu of degree) required.
• High degree of experience with the following technologies:
  • Cobalt Strike, Kali Linux
  • PowerShell, C#, GhostPack, Bloodhound
  • Metasploit, Metasploit Pro
  • Nmap, Burp Suite, Nessus, Netsparker
    
• Certifications in CEH, LPT, OSCP and CEPT are a nice to have.

• Ability to successfully interface with clients (internal and external).

• Ability to document and explain technical details in a concise, understandable manner.

• Ability to manage and balance own time among multiple tasks, and lead junior staff when required.

• Experience with utilizing penetration testing frameworks such as MITRE ATT&CK & OWASP.

• Excellent communication and interpersonal skills.