QUALIFICATIONS

• 5+ years of experience in offensive security, penetration testing, and vulnerability assessment
• Certified Ethical Hacker (CEH) and Offensive Security Certified Professional (OSCP) or equivalent. Additional relevant certifications (e.g., GIAC, GPEN, GWAPT) are a plus
• Proven track record in automating security testing and developing custom security tools
• Experience in working with third-party security service providers
• Solid understanding of security operations, including threat intelligence, threat detection, incident response, and offensive security
• Expertise in penetration testing tools and platforms (e.g., Metasploit, Burp Suite, Nessus, Kali)
• Strong coding and scripting skills in Python, Ruby, PowerShell, or similar languages
• Experience with automating offensive security tasks and processes
• Knowledge of security automation and orchestration platforms (e.g., SOAR)
• Understanding of APIs and integration techniques for security tools
• Embody Teck values in daily activities by being responsible and courageous, respectful and inclusive, alongside humble and driven
• You are aware of, have a desire to, with knowledge in, and the ability to increase maturity by building on context, manage and assess risk and trade-offs, and to standardize process through writing and review
• You can demonstrate personal accountability, radical transparency and a growth mindset

• Be a courageous safety leader, adhere to and sponsor safety and environmental rules and procedures
• Champion the 3 lines of defense model for risk management and act as a 2nd line of defense facilitator regularly interacting with the 1st line of defense
• Develop and implement automated penetration testing scripts and tools and maintain offensive security scripts and automation tools using languages such as Python, Ruby, or PowerShell
• Conduct regular automated penetration tests and vulnerability assessments using industry-standard tools and custom scripts
• Integrate offensive security tools with other security platforms to enable seamless orchestration and automation
• Collaborate with the threat intelligence and detection teams to ensure a comprehensive and integrated security approach
• Continuously update and refine offensive security tools, techniques, and methodologies to address emerging threats
• Provide guidance and support to the detection and response team on day-to-day operations and strategic projects