Red Team Architect



Technology architect for the Security environment. Enhances, implements and ensures that the ISO 27000 based Security Framework is sound strategically and tactically. Works with Enterprise and other Information Technology Architects on projects. Acts as internal consultant providing security consulting services to project teams (architectural guidance, critical technical support, etc.).


Primary Activities and Responsibilities

  • Identify and communicate risks to Technology owners to promote a robust cyber risk management program allowing CSX to proactively triage and remediate flaws in Information Technology and Operational Technology systems.
  • Conduct active and passive penetration testing on Information Technology and Operational Technology environments.
  • Engage with Technology and Engineering teams to explain results and provide guidance on remediation of identified vulnerabilities.
  • Lead the Vulnerability Management activities within the Information Security Working Group, a cross functional team of Technology Operations and Applications team members responsible for reducing the cyber-attack surface of CSX systems.
  • Coordinate testing efforts of external red teaming and penetration teams engaged by CSX.
  • Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.
  • Manage production issues and incidents and participate in problem and change management forums.
  • Assist with the resolution of negative audit findings reported by internal or external auditors.

Knowledge and Skills

  • Network penetration testing and manipulation of network infrastructure
  • Mobile and/or web application assessments
  • Shell scripting or automation of simple tasks using Python.
  • Developing, extending, or modifying exploits, shellcode, or exploit tools.
  • Knowledge of application technology security testing (white box, black box and code review)
  • Adheres to and improves upon company Information Security policies and procedures; mastery of core technical concepts; supports and assists in response to security events and escalations; may provide disaster recovery support; responsibilities may extend beyond day-time business hours, including on-call rotation.
  • Technical agility and strong analytical skills.
  • Knowledge of mainstream operating systems (for example, Microsoft Windows and Linux) and a wide range of security technologies, such as network security appliances, identity and access management systems, anti-malware solutions, automated policy compliance and desktop security tools
  • Knowledge of network infrastructure, including routers, switches, firewalls and associated network protocols and concepts.
  • Strong written and verbal communication skills
  • Strong analytical skills

Skill ID   Statement
S0001      Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
S0009      Skill in assessing the robustness of security systems and designs.
S0044      Skill in mimicking threat behaviors.
S0051      Skill in the use of penetration testing tools and techniques.
S0137      Skill in conducting application vulnerability assessments.
S0364      Skill to develop insights about the context of an organization’s threat environment.

  • Blue Team Technician
  • Red Team Technician
  • Computer Network Defense (CND) Auditor
  • Ethical Hacker
  • Information Security Engineer
  • Internal Enterprise Auditor
  • Penetration Tester
  • Network Security Engineer
  • Reverse Engineer
  • Risk/Vulnerability Analyst
  • Technical Surveillance Countermeasures Technician
  • Vulnerability Manager
