SRA’s mission is to level up every day to protect our clients and their customers. This begins with our team members and their experience. SRA prides itself on maintaining a culture where team members have a shared sense of support and belonging, consistent with our It’s Personal company value. At SRA, we prioritize transparent career pathing, varied DEI programming and community groups, competitive benefits including mental health support, and an emphasis on a sustainable, healthy, and engaging work culture. SRA has twice been named a Best Place to Work by the Philadelphia Business Journal.
These Essential Functions, Requirements, and Skills are guidelines. If you are a candidate who does not meet this exact job description but can demonstrate excellent organization, attention to detail, professionalism, flexibility, and self-direction in your professional background, we hope you apply. SRA values a diverse workplace and strongly encourages people of all backgrounds to apply.

SUMMARY/OBJECTIVE

This role is part of SRA’s Advisory Services team, with a focus on Purple Teams. The Senior Consultant will be responsible for leading and executing advanced purple team testing programs for Fortune 1000 companies. This role requires expertise in using the VECTR platform for managing and reporting on these exercises. The ideal candidate will have a strong background in cybersecurity, penetration testing, and incident response.

REQUIRED EDUCATION AND EXPERIENCE

• Punctuality and timely attendance to external client and internal stakeholder needs.
• Bachelor’s degree in computer science, cybersecurity, information technology, or a related field OR equivalent experience.
• Minimum of 3 years of experience in cybersecurity, with a focus on technical assessments, defensive toolsets, tabletop exercises, and incident response.
• Strong understanding of red and purple team methodologies and best practices.
• Excellent communication and reporting skills, with the ability to present complex technical information to non-technical stakeholders.

PREFERRED QUALIFICATIONS AND EXPERIENCE

• Relevant certifications (e.g., OSCP, CRTO, CISSP) are a plus.
• Proficiency in using the VECTR platform for managing and reporting on purple team exercises.

ESSENTIAL FUNCTIONS

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Lead Purple Team Exercises: Plan, execute, and manage purple team exercises to evaluate the effectiveness of security controls and improve the organization’s defensive capabilities.
• VECTR Operations: Use the VECTR platform to document, track, and report on purple team activities. Ensure the platform is updated and maintained to reflect the latest testing methodologies and results.
• Test Preparation and Execution: Oversee the preparation, execution, and reporting of purple test cases. Ensure all activities are documented and outcomes are communicated effectively.
• Metrics and Reporting: Develop and track metrics for measuring test outcomes, including defense success metrics and trending over time to demonstrate improvements. Draft actionable observations and recommendations specific to client environments.
• Collaboration: Work closely with internal SRA teams, including Red and Blue, to integrate findings from purple team exercises into continuous improvement processes for each client.
• Client Interaction: Engage with clients to understand their security needs, provide insight into their tooling, and deliver top-tier customer service. Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
• Training and Development: Provide training and guidance to team members on purple team methodologies and the use of VECTR.
• Research and Innovation: Use knowledge gained during purple team exercises to conduct research initiatives with the purpose of improving our services and giving back to the community.

OTHER DUTIES

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.