External Attack Surface Management (EASM) Engineer

Job Title: External Attack Surface Management Engineer

Duration: 12+ months 

Location: Remote or a local office (Charlotte NC, Raleigh NC, or Atlanta GA)

Required Pay Scale: $95-100/hr W2 only

***Due to client requirements this role is only open to USC or GC candidates***

Job Summary: The Cybersecurity Senior Engineer (Attack Surface Management) is responsible for designing, implementing, and maturing advanced security validation capabilities to safeguard enterprise systems and applications. This role focuses on continuous security validation through External Attack Surface Management (EASM) tools, integration with existing security infrastructure, and providing actionable insights to strengthen the firm’s cyber resilience. The engineer partners with cross-functional teams to simulate real-world adversarial tactics, techniques, and procedures (TTPs), evaluate control effectiveness, and recommend enhancements that align with enterprise risk management and regulatory standards.

Project Details:

1. Lead EASM Validation and Engineering: Investigate and reproduce findings from EASM platforms (e.g., exposed services, misconfigurations, weak crypto, DNS issues, leaked assets)
2. Perform Active/Passive Reconnaissance: Familiarity with open-source techniques and tools for profiling attack surface
3. Advance EASM Capabilities: Develop tuning logic for discovery seeds and asset correlation. Continuously improve signal fidelity and automate common validation tasks
4. Design and Execute BAS Scenarios: Plan and conduct realistic cyberattack simulations that mirror real-world threat actor TTPs across enterprise environments.
5. Analyze Simulation Results: Assess BAS outcomes to identify security control gaps, vulnerabilities, and opportunities for improved detection and response.
6. Provide Actionable Recommendations: Develop and communicate prioritized recommendations to strengthen security policies, procedures, and technical controls.
7. Collaborate Across Teams: Work with red, blue, and purple teams, as well as incident response and threat intelligence groups, to adjust alerts, rules, and detection logic.
8. Threat Hunting and Intelligence: Leverage threat intelligence to inform EASM scenarios and proactively address emerging threats.
9. Vulnerability Management Support: Contribute to the identification, prioritization, and remediation of vulnerabilities based on simulation and testing results.
10. Documentation and Reporting: Maintain detailed documentation of ASM & BAS methodologies, procedures, and findings; communicate technical results clearly to both technical and non-technical stakeholders.
11. Continuous Integration/Continuous Deployment (CI/CD): Design, develop and maintain CI/CD Pipeline(s) (e.g., Gitlab, Terraform, AWS, Jenkins, Github)
12. Automation/Scripting: Design and Execute automation scripts (e.g., Python, Powershell, Bash, etc.)

Must Haves

• Python Scripting
• MITRE ATT&CK Mapping
• Automation
• Experience with any BAS tool (safebreach, mandiant, cymulate, scythe, attackIQ

Desired Skills

About Matlen Silver

Experience Matters. Let your experience be driven by our experience. For more than 40 years, Matlen Silver has delivered solutions for complex talent and technology needs to Fortune 500 companies and industry leaders. Led by hard work, honesty, and a trusted team of experts, we can say that Matlen Silver technology has created a solutions experience and legacy of success that is the difference in the way the world works.

Matlen Silver is an Equal Opportunity Employer and considers all applicants for all positions without regard to race, color, religion, gender, national origin, age, sexual orientation, veteran status, the presence of a non-job-related medical condition or disability, or any other legally protected status.

If you are a person with a disability needing assistance with the application or at any point in the hiring process, please contact us at email and/or phone at: [email protected] // 908-393-8600

At The Matlen Silver Group, Inc., W2 employees are eligible for the following benefits:

• Health, vision, and dental insurance (single and family coverage)
• 401(k) plan (employee contributions only)