Cigna Red Team Senior Manager in St. Louis, Missouri
Red Team Lead
A successful Red Team Senior Manager should possess a deep understanding of both information security and computer science and have experience leading a team of highly technical teams, such as offensive operators, penetration testers, etc. They should understand advanced Red Team concepts such as performing covert operations against complex networks while remaining entirely undetected, advanced application manipulation, and basic programming concepts. They should be able to improve the overall detection and response capabilities of the organization by understanding TTPs, developing engagements that emulate specific TTPs and engaging with the Blue Team during and post engagement.
Red Team managers are the lead project managers for all offensive engagements. This includes scoping prospective engagements, managing team metrics, establishing team goals and objectives, conducting performance reviews and 1 on 1 meetings, obtaining and scheduling resources for projects, managing multiple projects from kickoff to completion, and delivering out-briefs. Managers are vital to the project lifecycle and must be able to deliver successful projects with little to no oversight.
At Cigna, you’ll be working and managing some of the best experts in the industry and faced with complex problem-solving opportunities daily. We help protect some of the most sensitive and valuable data for millions of members throughout the world and red teaming is critical to validating our global security posture. You are expected to quickly assimilate new information as you will face new environments across the globe on a regular basis. You will be expected to understand the relevant threat vectors to each environment and properly assess them, engage with Threat Intel for the latest TTP, work with Hunt and Incident Response to develop engagements and effectively communicate the results of engagements. You will get to work with and manage some of the best red teamers in the industry, causing you to develop new skills as you progress through your career.
The objective doesn’t end at gaining “domain admin” or “root” but through the successful completion of the engagement objectives and our ultimate mission of improving security as a result of red teaming. You will be expected to work closely with the blue team in both red and purple team engagements. As the Red Team manager, your success will be partially measured not only by how well you can evade the blue team but by how well you can demonstrate improving the blue team.
Are you up to the challenge?
Manage engagements, with a focus on advanced Red Team operations. Provide both subject matter expertise and project management experience to serve as the “point person” for engagements
Bachelor's degree in a technical field or equivalent experience
Minimum combined five (5) years of experience as red team operator, penetration tester or leading / managing technical teams
Assist with scoping engagements, participating in engagements from kickoff through completion, and mentoring less experienced staff
Polished presentation skills, to include capabilities at technical and executive levels
Identify, develop and market new red team capabilities
Supervise staff, provide feedback and coaching, and grow their technical and management skills
Improve program maturity and red team methodologies.
3-5 years of experience in at least three (3) of the following:
Network penetration testing and manipulation of network infrastructure
Mobile and/or web application assessments
Shell scripting or automation of simple tasks using Perl, Python, or Ruby
Developing, extending, or modifying exploits, shellcode or exploit tools
Developing applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE)
Reverse engineering malware, data obfuscators, or ciphers
Source code review for control flow and security flaws
Strong knowledge of tools used for wireless, web application, and network security testing
Thorough understanding of network protocols, data on the wire, and covert channels
Mastery of Unix/Linux/Mac/Windows operating systems, including bash and Powershell
Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.)
Strong understanding of the MITRE ATT&CK frameworks
Must be eligible to work in the US without sponsorship
Excellent verbal and written communication skills
Ability to manage multiple projects and manage tight deadlines
Prior training and public speaking engagement experience preferred
Ability to document and explain technical details in a concise, understandable manner
Ability to manage and balance own time among multiple tasks, and lead junior staff when required
This position is not eligible to be performed in Colorado.
Cigna Corporation (NYSE: CI) is a global health service company dedicated to improving the health, well-being and peace of mind of those we serve. We offer an integrated suite of health services through Cigna, Express Scripts, and our affiliates including medical, dental, behavioral health, pharmacy, vision, supplemental benefits, and other related products. Together, with our 74,000 employees worldwide, we aspire to transform health services, making them more affordable and accessible to millions. Through our unmatched expertise, bold action, fresh ideas and an unwavering commitment to patient-centered care, we are a force of health services innovation.
When you work with Cigna, you’ll enjoy meaningful career experiences that enrich people’s lives while working together to make the world a healthier place. What difference will you make? To see our culture in action, search #TeamCigna on Instagram.
Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.
If you require reasonable accommodation in completing the online application process, please email: SeeYourself@cigna.com for support. Do not email SeeYourself@cigna.com for an update on your application or to provide your resume as you will not receive a response.