Senior Consultant, Advisory Purple

Job Description

Company: Security Risk Advisors

Location: US

Job Description:
• Lead Purple Team Exercises: Plan, execute, and manage purple team exercises to evaluate the effectiveness of security controls and improve the organization’s defensive capabilities.
• VECTR Operations: Use the VECTR platform to document, track, and report on purple team activities. Ensure the platform is updated and maintained to reflect the latest testing methodologies and results.
• Test Preparation and Execution: Oversee the preparation, execution, and reporting of purple test cases. Ensure all activities are documented and outcomes are communicated effectively.
• Metrics and Reporting: Develop and track metrics for measuring test outcomes, including defense success metrics and trending over time to demonstrate improvements. Draft actionable observations and recommendations specific to client environments.
• Collaboration: Work closely with internal SRA teams, including Red and Blue, to integrate findings from purple team exercises into continuous improvement processes for each client.
• Client Interaction: Engage with clients to understand their security needs, provide insight into their tooling, and deliver top-tier customer service. Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
• Training and Development: Provide training and guidance to team members on purple team methodologies and the use of VECTR.
• Research and Innovation: Use knowledge gained during purple team exercises to conduct research initiatives with the purpose of improving our services and giving back to the community.
Requirements:
• Bachelor’s degree in computer science, cybersecurity, information technology, or a related field OR equivalent experience.
• Minimum of 3 years of experience in cybersecurity, with a focus on technical assessments, defensive toolsets, tabletop exercises, and incident response.
• Strong understanding of red and purple team methodologies and best practices.
• Excellent communication and reporting skills, with the ability to present complex technical information to non-technical stakeholders.
• Punctuality and timely attendance to external client and internal stakeholder needs.
• Relevant certifications (e.g., OSCP, CRTO, CISSP) are a plus.
• Proficiency in using the VECTR platform for managing and reporting on purple team exercises.
Benefits:
• Work with Experts: Robust internal training program, plus Company-paid external training. SRA recognizes the value of professional development for employees. Therefore, we encourage our employees to pursue continuing education and role-specific training. Every SRA employee is eligible to attend one training per year paid for by SRA.
• Mental Health Services: SRA has partnered with BetterHelp to provide SRA employees with free mental health support. BetterHelp connects individuals with licensed therapists for chat, video, and phone sessions.
• Medical / Dental / Other (regular full-time employees only)
• – Generous medical, dental, and vision benefits at different price points.
• – Company-paid disability and life insurance.
• – Company 401(k) plan including annual 3% safe harbor contribution.
• – Free patient advocacy service that helps find care providers and resolve insurance queries.
• – Free financial advising.
• – Generous parental leave, sick leave, and vacation policies.
• – Possibility to work remotely or with a flexible schedule when needed and approved.
• – Company-paid cell phone with discounted accessories.
• – 1-2-3 Give Program: 1. SRA will give $1,000 to a charity of your choice.
• If you give an additional amount (up to $1,000), then 3. SRA will match that amount up to $1,000.
• – Other discounted, employee-paid benefits including pet insurance, legal support, and voluntary life insurance.
• (Subject to change)

Source: BeBee