20-074 Cyber Operator I (Red Team)

Systems Application & Technologies Inc
Fort George G Meade, MD
Sep 18, 2020
Sep 20, 2020
Accountant, IT
Full Time
Description: Work Location: Huntsville, AL Roles & Responsibilities: Full Time Exempt position OVERVIEW Red Team Cyber Operator/Penetration Tester serves as a Cybersecurity functional expert in support of Cyber-Electromagnetic Activities (CEMA) assessments of United States DOD warfighting platforms and networks. DUTIES INCLUDE: The following job functions are a basic requirement but are not limited to and may be assigned other duties. Qualified candidate will execute and support multiple-disciplined approaches to conducting penetration tests of networks; support rapid development of domain or problem-specific tools that leverage identified vulnerabilities; support research of the latest exploitation techniques and threat vectors; and assist with the design and configuration of representative test and assessment environments. Provide over-the-shoulder support to DOD Red Team Operator Must have a solid foundation and advanced knowledge of Information Assurance policy, compliance requirements and related measures including but not limited to Protect, Detect, React, Restore and Resilience metrics. Must be competent in the application of Cybersecurity T&E Guidebook procedures to all network, C4ISR, weapons platforms, etc. from Sensor to Shooter. The above duties shall be conducted using the following competencies: Advanced computer skills - extensive computer skills and an understanding of networking; experienced with cryptography, reverse engineering, web applications, databases, and wireless technologies Computer and information security - extensive experience with penetrating and exploiting secure networks and systems; currency with new security software packages, security protocols, and computer technologies Scripting and programming - highly skilled in computer programming and scripting Report writing - strong written and oral communication skills; extensive experience with generating reports and assessments Data analytics - extensive experience with conducting data reviews and performing analysis of processes relative to adversary network security Ethical Hacking - demonstrate knowledge of assessing the security of computer systems/networks by looking for weaknesses and vulnerabilities in target systems, using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system Coaching & Collaboration - demonstrate capability to provide over-the-shoulder support and assistance in a highly regulated Red Team Shooter environment Work Conditions: Work and operate in a TS/SCI and SAP/SAR environment and/or Sensitive Compartmented Information Facility (SCIF) Office Environment. Most work accomplished in an office environment utilizing phone, desktop computer and directly interfacing with employees and customers. The position will include 80% sitting, 5% reaching, 5% lifting 5% walking & 5% standing. Normal work days are Monday thru Friday. Office hours are typically 8am-5pm. Travel < 20%. Education/Experience/Skills: Bachelor's degree plus 6 years of relevant experience; Master's degree plus 4 year of relevant experience; Doctoral degree and 2 experience. A high school diploma or GED plus 8 years of relevant experience, or an Associate's degree plus 8 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position. Degree in Information Security, Information Technology, Computer Science, Programming, Mathematics Ethical Hacker certification Basic Scripting for the GHOSTMACHINE environment Leveraging LABBENCH + Jupyter to interface with GMAE - TCP/IP: three-way hand-shake, reconstruction One of the following certifications: GCED, GCIA, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, GCIH, CCFP, CCSP, CISSP, CSIH, CHFI, LPT, ECSA, OSCP, OSCE, OSWP, OSEE, EnCE Versed in Cyber Threat Actor Tactics, Techniques and Procedures (TTPs) Deep understanding of Cyber Kill Chain and applicable analytic models such the Diamond Model Network and Internetwork Routing - Domain Name System protocol and architecture Knowledge how an Intrusion Detection System works Knowledge how exploitation, implants and beacons work Programming languages (SQL, C ++, JavaScript, Ruby, and Python) Security assessment tools (Aircrack-ng, Burp Suite, SQLmap) Security frameworks (NIST, SOX, HIPPA) Operating systems (Linux, Unix, Windows) Current Driver License. Must be able to be insured through Company's vehicle insurance policy while driving work/government/rental vehicles during working hours, and for the duration of your work employment. US Citizenship. Must Currently Possess Top Secret/SCI All candidates will be required to pass a consumer report and/or consumer investigation to include SSN, Driver Record, Credit, and Criminal Background Investigation. All responses will be handled with strict confidentiality. Systems Application & Technologies, Inc. is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status PM19 . Requirements: PI123654782

Similar jobs