We are excited to be named one of the World’s Best Workplaces by Fortune Magazine! We are proud to offer you 12 paid holidays annually, as well other great perks. For an overview of our benefits and time off, please follow this link to learn more: US Stryker employee benefits. (https://d25zu39ynyitwy.cloudfront.net/oms/000000/document/2024/6/SMVZW_USStrykerEmployeebenefits/USStrykerEmployeebenefits.pdf)

As a Red Team Security Analyst at Stryker you will have a strong understanding in multiple domains. You will work closely with teams throughout Information Security, as well as provide technical leadership and advice to teams and leaders throughout Stryker with a variety of business verticals to understand how we operate at a deep, technical level. You will leverage the knowledge you gain about Stryker to find new ways to break services, processes, and technologies throughout the company.

The Red Team performs real world threat emulation with the continual goals of improving organizational readiness, providing advanced simulation for defensive teams, and assessing current control performance for critical Stryker assets.

Who we want

Effective communicators. People who can interpret information clearly and accurately to concisely communicate results and recommendations to stakeholders, senior management, and their teams.

Subject matter experts. Managers who not only oversee the collection, review, and analysis of data but can interpret, translate, and present on all various matters as needed.

Quality-focused team drivers. People who push their team to deliver the highest quality products and solutions in a timely manner.

What you will do

• Perform independent research and ongoing study to continuously develop and upskill technical knowledge and capabilities.

• Perform Vulnerability Assessments and manual validation of vulnerabilities, as required, and conduct all phases of Penetration Tests and Red Team engagements throughout Stryker independently, or as part of a team.

• Create detailed Operations engagement plans and conduct associated research and scoping and maintain accurate logs of engagements, and step-by-step documentation of testing efforts.

• Develop accurate, comprehensive reports and debriefs for both executive and technical audiences.

• Simulate adversary Tactics, Techniques, and Procedures (TTPs) by leveraging frameworks such as MITRE ATT&CK, Cyber Kill Chain, and other sources of information.

• Configure payloads, scripts, and tools to fulfill needs of the team.

• Keep current with the latest offensive security TTP’s as correlated with threat intelligence and industry trends.

• Participate in meetings to assist and guide stakeholders in efforts, such as remediation of vulnerabilities.

• Work with Blue Team members to help both teams understand and improve detection and response.

What you need

• Bachelor’s degree or equivalent professional experience (6+ years) required.

• Bachelor’s in Computer Science or related field preferred.

• Must be able to demonstrate hands-on Penetration testing methodology in a live evaluation.

• 2+ years of professional experience required.

• 1+ year work experience in an IT, Cybersecurity, or Software Development field required.

• 1+ Hands-on certification, specifically PJPT, eJPT, PNPT, OSCP, CPTS, eCPPT, GPEN, GWAPT, OSWA, or Burp Suite Certified Professional are strongly preferred (other certifications or training completed considered on a case-by-case basis, if based on hands-on skills.

• Knowledge and understanding in 2+ security domains (e.g., security engineering, system and network security, authentication and security protocols, cryptography, application security, incident response, access control, penetration testing) required.

• Strong knowledge of Networking and Active Directory fundamentals required.

• Experience in a Red Teaming or Penetration testing role, including various types (e.g., network, AD, web app, API, cloud, iOT, Wifi, hardware, physical, social engineering, reverse engineering preferred.

• Experience with common Operating Systems (Linux, Windows Server) required, MacOS also preferred.

• Experience writing scripts in two or more scripting and development languages like (e.g., Bash, PowerShell, Python, Ruby, C/C++, Java, .NET, JavaScript) preferred.

Health benefits include: Medical and prescription drug insurance, dental insurance, vision insurance, critical illness insurance, accident insurance, hospital indemnity insurance, personalized healthcare support, wellbeing program and tobacco cessation program. Financial benefits include: Health Savings Account (HSA), Flexible Spending Accounts (FSAs), 401(k) plan, Employee Stock Purchase Plan (ESPP), basic life and AD&D insurance, and short-term disability insurance. Stryker offers innovative products and services in MedSurg, Neurotechnology, Orthopaedics and Spine that help improve patient and healthcare outcomes. Alongside its customers around the world, Stryker impacts more than 150 million patients annually. Depending on customer requirements employees and new hires in sales and field roles that require access to customer accounts as a function of the job may be required to obtain various vaccinations as an essential function of their role.

Stryker Corporation is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status. Stryker is an EO employer – M/F/Veteran/Disability.