Senior Security Consultant - Offensive Security As a digital and cybersecurity services company, Stratascale exists to help the Fortune 1000 transform the way they use technology to advance the business, generate revenue, and respond quickly to market demands. To learn more about how we're shaping the future of digital business and a more secure world, visit stratascale.com. The Senior Security Consultant - Offensive Security is a critical role within Stratascale's Adversarial Operations team who will assist in leading and supporting the development and delivery of a diverse range of continuous threat and exposure management consulting, penetration testing, and operational service programs to a portfolio of our clients. This role involves developing governance models, collaborating with sales and technical teams, delivering training content, and staying informed on industry trends to ensure successful solution delivery and continuous improvement in security practices. This position is remote with a Home Office setup as determined by Stratascale management. Role Description Perform penetration testing against complex environments covering both external, internal, web application, and other forms of offensive security engagements. Consult and document attack surface, threats, and vulnerability improvements based on team's overall assessment of client's environment. Perform full assessment and threat modeling against industry best practices to identify control weaknesses and assess the effectiveness of existing controls. Perform root cause analysis on identified vulnerabilities and attack surface weaknesses to determine technical solutions to be presented to client along with recommendations for remediations. Collaborate with client's security teams to understand mitigation or resolutions for findings discovered by analysts. Review threat intelligence for specific threat vectors that align with client's industry or potentially impacted by to utilize in attack path modeling. Assist in defining, measuring, and quantifying business risk and vulnerability impacts to clients their stakeholders. Provide subject matter expertise and technical support on remediation, cloud security, governance, compliance, and core infrastructure systems. Assist customers with strategies, use of platforms, technical and compliance analysis, and implementing automation. Develop and deliver governance models, security frameworks, compliance reporting, and security assessments. Collaborate with internal sales and technical teams to support the solution sales cycle, qualify opportunities, and ensure successful solution delivery. Identify customer needs and requirements, recommend appropriate solutions, and proactively identify areas for improvement. Execute consulting projects by creating and completing deliverables, ensuring client needs and practice obligations are met. Develop and deliver training content, curricula, and workforce development programs, including in-person and remote sessions. Participate in customer and internal meetings, providing technical guidance and facilitating discussions. Stay educated on new product technologies, industry trends, and emerging capabilities within the practice. Develop and optimize cross practice capabilities, collaborate with peer practice leaders, and mentor other consultants. Behaviors and Competencies Communication Relationship Building Self-Motivation Negotiation Impact and Influence Business Development Emotional Intelligence Detail-Oriented Follow-Up Presenting Delegation Analytical Thinking Critical Thinking Technical Troubleshooting Skill Level Requirements Expertise in designing, implementing, and managing cloud-based solutions to optimize performance, scalability, and cost-efficiency Proficiency in implementing and managing cloud security frameworks, compliance standards, and governance models Ability to understand and articulate various security technologies, including firewalls, endpoint protection, email security, and identity management, to identify and address customer security challenges Ability to oversee and direct projects to completion, ensuring goals are met, resources are utilized efficiently, and stakeholders are satisfied Proficiency in implementing and managing DevOps practices, including continuous integration, continuous delivery, infrastructure as code, and monitoring to enhance the collaboration between development and operations teams Ability to examine, clean, transform, and model data to discover useful information, draw conclusions, and support decision-making The ability to effectively utilize applications like Word, Excel, PowerPoint, and Outlook to enhance productivity and perform various tasks efficiently. Competence in managing and maintaining Active Directory, AWS, VMware, and Windows Server platforms. Proficiency in configuring and supporting operating systems, database platforms, web technologies, secure network setups (VPN configuration), and the ability to recommend new network solutions based on industry trends and best practices. Practical experience with Security Awareness Training (SAT) platforms like Immersive Labs, KnowBe4, and Ninjio. Working knowledge and skills with Learning Management Systems such as Docebo, Moodle, SuccessFactors, LearnWorlds, and Blackboard. Other Requirements Completed Bachelor's Degree or relevant work experience required 5 - 7 years of experience working with large organizations on security engineering projects Ability to travel to SHI, Partner, and Customer Events Advanced industry certifications preferred The estimated annual pay range for this position is $165,000 - $205,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending. Equal Employment Opportunity M/F/Disability/Protected Veteran Status