Description
We are eClinicalWorks. We are a privately held leader in healthcare IT, providing comprehensive, cloud based EHR/PRM solutions to medical professionals worldwide to improve workflows and reduce the risk of physician burnout. We care. We are committed to positive change. And that's where you come in. Do you value creativity and innovation Great, so do we. At eClinicalWorks, we share a passion for improving healthcare through dedication, education, and teamwork. Everyone has that one thing they're really good at. We value your talent and want you to join our fast-paced, fun, and culturally diverse environment. Ready to make a difference Apply today.
Overview
The Red Team Analyst will serve an important function as part of the overall cybersecurity strategy and risk management at eClinicalWorks, primarily focusing on offensive operations - identifying, analyzing and exploiting vulnerabilities across the digital landscape. You will be tasked with penetration testing, infrastructure and application reviews, red / purple team assessments and other related supporting activities. This position requires a solid background in offensive security tactics, techniques and procedures including proficiency with many common tools / frameworks. The successful candidate will have the ability, desire and responsibility to work independently but also collaborate well with other team members and personnel within the enterprise. Flexibility and a positive attitude are highly regarded.
Responsibilities
Implement network and application penetration testing engagements to uncover vulnerabilities
Execute red team operations emulating threat actors with wide ranging size and scope
Perform other security assessments and reviews via applicable methods and analysis
Provide recommendations based on risk factors and security best practices
Deploy, maintain and enhance infrastructure (systems, tools) for offensive operations
Conduct various periodic social engineering exercises
Produce clear documentation regarding activities with findings and results
Bolster relevant domain knowledge through content consumption, training, etc.
Support processes and teammates with optimism and versatility
Qualifications
Core Skills / Experience
4+ years of experience in enterprise cybersecurity with 2+ years pen testing / red teaming
Proficient working with common IT infrastructure components (Windows, Linux, Networking, Active Directory, Azure, etc.)
Experienced and adept with common tools (Kali, Metasploit, Nmap, Burp Suite, etc.)
Competent scripting skills (Python, Bash, PowerShell, etc.) and ability to apply creatively
Well-versed in information security controls and best practices
Knowledgeable in MITRE ATT&CK framework and attack methodologies
Knowledgeable in vulnerability analysis, classification and risks (CVSS, CVE, CWE)
Additional Skills / Experience
Relevant certifications (OffSec, Altered Security, SANS, Zero-Point, HTB, etc.)
Advanced knowledge and expertise in AV/EDR evasion and exploit development
Advanced knowledge and experience with Azure security controls and configuration
Compensation:
Salary Range - $150,000 - $190,000 USD
This role will receive a competitive salary and benefits. The salary for employees hired into this role will be aligned with the range above, exclusive of potential bonuses. If you are hired, your base salary will be determined based on factors such as professional background, skills, education, and experience.
eClinicalWorks offers a rich suite of benefits which include the following: eighteen days of Paid Time Off per year which scales based on tenure; nine Paid Holidays and one Floating Holiday; insurance for eligible employees which includes medical, dental, vision, basic life, short term disability, long term disability, business travel accident, and accidental death and dismemberment.
As well, we offer a 401(k) plan with a Company safe harbor contribution; Flexible Spending Account for Health Care and Dependent Care for eligible employees; limited personal leave; additional voluntary benefits, including additional insurance (hospital indemnity, critical illness, accident, supplemental life, short term disability buy up, pet), genetic testing, legal plan, and supplemental accidental death and dismemberment; and an annual discretionary bonus for eligible employees.
eClinicalWorks is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills, and experiences that bring us together and help create a healthy world.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (https://www.eeoc.gov/poster) notice from the Department of Labor.
