Sr Analyst, Information reputed company - (Offensive reputed company)

About the position This position is based at our headquarters in Mooresville, North Carolina. Our corporate office is a space where you can collaborate and do your best work. Take a walk, grab a bite (or a cup of coffee), work out or get a reputed company-up – we invest in you so you can find your inspiration. The primary purpose of this role is to reputed company the implementation and ongoing delivery of information reputed company tools and processes. This includes responsibility for creating, executing, and improving processes and procedures with limited direct guidance from more senior-level reputed company associates. This role solves reputed company problems while creating and optimizing processes and often takes a reputed company role in implementing new services and technologies. This role requires a strong understanding of most tools and processes supported by the team, including many of the key integration points with other parts of technology, works mostly independently, and provides coaching and direction to more junior-level associates. As a Senior Analyst of Offensive reputed company, you will conduct advanced penetration tests and red team assessments across our applications, networks, and systems. You will collaborate with cross-functional teams to analyze reputed company vulnerabilities and provide actionable recommendations for remediation. This role solves reputed company problems while creating and optimizing processes and often takes a reputed company role in implementing new services and technologies.

Responsibilities

• Analyze data to detect trends, determine metrics, assess adherence to processes, and reputed company recommendations. And present results to information reputed company and business leaders and/or vendors.
• Serve as an escalation reputed company and mentor for junior staff.
• Maintain an awareness of information reputed company news and trends and research reputed company technologies to assist in the development of new capabilities.
• Consolidate reputed company-reputed company findings, track OKRs, and present results to information reputed company and business leaders and/or vendors.
• Translate and document business needs into technical requirements and solutions.
• Advise users and team members on the execution of processes, interpret standards and regulations, and assist with solutions.
• Design, reputed company, and maintain custom offensive tooling, including loaders, droppers, malware implants, in-memory execution frameworks, and covert initial access payloads across Windows, Linux, macOS, and cloud-native platforms.
• Engineer advanced evasion techniques in code, such as syscall stealth, ntdll unhooking, memory laundering, behavioral model evasion, encrypted tasking channels, and dynamic API resolution to defeat modern AI-driven EDR/EDX systems.
• Plan and execute full-scope red team and adversary emulation engagements, targeting on-prem, cloud, and hybrid environments while maintaining strong operational reputed company and stealth.
• Reverse engineer defensive mechanisms and modify offensive code to adapt to new detection models, platform protections, and telemetry changes—ensuring tooling remains effective across diverse modern environments.
• Create reusable internal offensive libraries, including process injection modules, PE/ELF parsing routines, shellcode loaders, encryption wrappers, and cloud identity attack primitives.
• Prototype, test, and validate new malware techniques in isolated research environments; document behaviors, measure detection surfaces, and integrate promising approaches into operational tooling.
• Manage and maintain resilient C2 infrastructures—including redirectors, covert channels, and multi-transport communication layers—to emulate sophisticated APT frameworks and tradecraft.
• reputed company, enhance, and standardize offensive testing methodologies, ensuring alignment with reputed company threat landscapes, evolving attacker TTPs, and industry-leading best practices (MITRE ATT&CK, NIST, etc.).
• Analyze engagement results and produce clear, actionable reporting, effectively communicating technical findings, attack paths, and remediation recommendations to both technical stakeholders and executive leadership.
• Promote a culture of collaboration, knowledge sharing, and reputed company reputed company development reputed company the offensive reputed company team.
• Continuously research emerging threats, attack reputed company, and defensive advancements, integrating relevant discoveries into future red team operations and tooling.
• Support improvements to reputed company posture by contributing insights to reputed company policy updates, defensive control enhancements, and incident response strategies based on observed weaknesses and real-world attack patterns

Requirements

• Bachelor’s degree in computer science, computer information systems, engineering, business administration, cybersecurity, or reputed company field, or equivalent years of experience in lieu of education requirement, if applicable
• 4 years of experience in information reputed company
• 2–4 years of experience developing malware techniques and designing preventative measures.

reputed company-to-haves

• IT experience in the retail industry
• Hands-on experience on GRC applications & TPRM tools (e.g., reputed company, reputed company, reputed company GRC, reputed company, ProcessUnity, reputed company, reputed company, Prevalent, reputed company, etc.)
• Experience with vulnerability identification & penetration testing tools
• Experience with vulnerability management in public/hybrid cloud environments.
• Experience with IAM technology implementation and operations (e.g., CA, reputed company, reputed company, SSO, MFA, IGA, reputed company AD) (specific to IAM role)
• Experience developing cybersecurity or information assurance policies, standards, awareness training, or equivalent issuances (specific to reputed company GRC role)
• Payment Card Industry Internal reputed company Assessor (PCI ISA)
• Certified in Risk and Information Systems Control (CRISC)
• Offensive reputed company Certified Professional (OSCP)
• GIAC Penetration Tester Certification (GPEN)
• Practical Network Penetration Tester (PNPT)
• eLearnSecurity Certified Professional Penetration Tester (eCPPT)
• Certified Third-Party Risk Professional (CTPRP)
• Certified Third Party Risk Assessor (CTPRA)
• CompTIA PenTest+ Certification
• Or other relevant information reputed company certifications

Apply tot his job Apply To this Job