We are looking for:
Do you think like an adversary? Do you love breaking into systems and penetrating networks to reach a specified target? Are you capable of automating these processes? The Scenario Development team is charged with creating advanced, compelling automated attack scenarios for use in the SimSpace Platform.

SimSpace is growing its portfolio of offensive security content by integrating external tools as well as creating our own APT-inspired campaigns. We deliver a catalog of automated attack scenarios and the ability to create new attack components and scenarios from scratch, emulating a wide range of adversary behaviors. The SimSpace Platform provides full control of multi-step attacks along with detailed visualization and reporting.

The role of an Offensive Security Engineer working on the Scenario Development team includes the development, deployment, integration and automation of various components within the SimSpace Platform. Existing experience with penetration testing suites such as Metasploit, Cobalt Strike, and similar C2 frameworks is preferred, but not required. As an Offensive Security Engineer, you will have the opportunity to work with distributed systems, ensuring that each component and the system as a whole reliably emulate real-world threat actors at each step in the kill chain.

SimSpace follows the Agile process for development and utilizes modern toolchains and methods to develop our frameworks and services in teams.

What will you be doing as an Offensive Security Engineer at SimSpace?

• Research, implement, integrate and automate new attack content (attack tools, attack scenarios, etc.) into the Scenario Development portfolio
• Perform end-to-end testing of attack content to ensure functionality in common environments and the ability to evade common defensive tools
• Collaborate with our passionate software developers on the Offensive Engineering team to ensure that the Scenario Development team’s work is representative and useful during a variety of customer event types

What are the qualifications to apply? To be successful as an Offensive Security Engineer, you need:

• Understanding of tactics and techniques used during offensive network operations and the ability to modify them to subvert defensive countermeasures
• Demonstrable experience emulating real-world cyber threats, covering full attack chains and the application of threat intelligence
• Professional experience in Python 3, PowerShell, or other scripted languages (Ruby, Bash, Batch, PHP, etc.) and compiled languages (C/C++, Golang, etc.) 
• Demonstrated experience with distributed systems, communication frameworks (RESTful API and rMQ), network protocols and configuration, data handling, and the proper use of security constructs
• General cybersecurity knowledge including familiarity with industry standards like MITRE ATT&CK and D3FEND, the NIST Cybersecurity Framework, STIX/TAXII, and OpenIOC
• Experience with defensive tools/techniques such as industry standard host-based, network analysis, incident response, and forensics tools
• Experience with the commonly-used attack frameworks (Metasploit, Cobalt Strike, CANVAS, Empire, Core Impact, etc.)
• Relevant certifications from organizations like Offensive Security (OSCP/OSCE), or SANS (GPEN, GXPN, GWAPT), or equivalent experience with demonstrable requisite skills is a bonus
• Fluent with Git, GitHub, Docker, CI/CD and modern team software development and testing tools and practices, including Secure SDLC approaches
• Experience working with virtualization solutions

Additional skills:

• Strong verbal and written communication skills
• Ability to think “outside the box”, tying together capabilities to build resilient automated processes
• Proficiency in conceptualizing and implementing automated solutions and distributed systems
• Experience in developing robust, high-quality software that adheres to best practices in design, implementation, instrumentation, and security
• Self-starter who is highly motivated, accepting of other’s opinions/feedback, and can work effectively in a team

We offer the following benefits:

• Salary Range $110,000-$140,000
• 401k match with immediate vesting
• Flex time, the time off you need when you need it
• Equity options at hire and potential for additional based on performance
• Generous employee referral bonus program
• Peloton Interactive Wellness Program
• LinkedIn Learning Membership
• Monthly reimbursement for meaningful connections with other SimSpacers
• Comprehensive benefits package that start on day one