Job Summary

Offensive Security (OffSec) is the pioneer and leading provider of online penetration testing and certification. Built upon the belief that the only way to achieve sound defensive-security is to take an offensive approach, OffSec's rigorous training programs have become the industry-standard and its certified alumni highly sought-after. The company has sustained itself organically over the years, depending almost exclusively on its incredible brand authority and highly loyal customer base to drive product awareness and student acquisition. As the market for information security continues to expand at an unprecedented rate and the competitive landscape evolves, OffSec is shifting to a more proactive, marketing-driven growth strategy.
Responsibilities:
Defines and implements information security strategies and procedures.
Works with engineering teams to define and refine information security and systems management policies and settings.
Monitors and assesses vendor and 3rd party information security reports/lists.
Evaluates new and emerging products, technologies and make recommendations concerning the introduction of new technologies.
Coordinates, administers, manages and monitors the use of access control systems security tools and intrusion detection systems to identify anomalous events and security infractions that exploit system vulnerabilities.
Integrates information security controls into an environment to identify risks and reduce their impact.
Provides analysis of potential risk to information security and recommends solutions.
Creates and maintains information security documentation.
Communicates information security procedures to users.
Act as a resource for team members with less experience.
Performs network security monitoring, security event triage, and incident response for a mid-size organization, coordinates with other team members, management to document and report incidents
Will be part of rotating SOC shifts supporting 24/7 coverage
Nights and weekends shifts may be required after sufficient training
Monitors and analyzes Intrusion Detection Systems (IDS)
Makes recommendations, creates, modifies, and updates Intrusion Detection Systems (IDS)
Vulnerability scanning and patch management, access control governance and oversight, exceptions tracking, security tool management, tuning, and configuration, along with metrics and reporting.
Be a primary for or support ongoing projects by assisting in the implementation, testing and documentation of security related projects
Requirements
OSCP
Bachelor's degree in the appropriate discipline and three (3) years of relevant experience
Systems Engineering, Computer Science, Information Systems, and / or Information Assurance from an accredited institution or related specialized field is preferred.
Three (3) or more years of experience in the field of systems engineering in cyber security / risk management in a client-facing role.
Strong written and verbal communication skills with an ability to present technical risks and issues to non-technical audiences