Vacancy expired!
Supporting the Most Exciting and Meaningful Missions in the World
Red Cyber OperatorRED CYBER OPERATOR: Defense Threat Reduction Agency (DTRA), Fort Belvoir, VAThe DTRA Cyber Red Team is an applicant DoD Cyber Red Team looking for motivated, self-starters to help build the organization's red cyber capability and capacity in support of the Certification and Accreditation (C&A) process. The candidate's contributions will play an important role in the C&A process.Red Cyber Operators (RCO) emulate a potential adversary's offensive cyberspace operations and exploitation techniques against a targeted mission, system, network, component, or capability.RCOs action information gathered from readily available open source internet resources to identify exposed or compromised information, vulnerabilities and misconfigurations. The RCOs employ tools against these compromises, to demonstrate a loss of confidence in the target's functional and security posture forcing the target to operate in a degraded, disrupted, or denied cyber environment. RCOs will be assigned to both White and Red Cells.Prior to physical assessment operations, the RCOs will work closely with Red Cyber Analysts to identify targets, research, scan, and map networks. During these components of the assessment, RCOs will not deliver effects that could be categorized as anything but Reconnaissance or collecting technical targeting data. The purpose of reconnaissance is to gather information for network and information system characterization, identifying and gathering information on organizations through users that are determined to be of high value in answering PIRs or in the development of follow-on Red Team operations.When authorized by the customer, asset owner, or other stakeholder, the Red Cyber Operator will demonstrate a potential adversary's offensive based cyberspace operations or intelligence collection capabilities against a targeted mission or capability. Demonstrations will be performed under a "White Card" and conform to ethical, aka white hat hacking principles. All activities performed by Red Cyber Operators will comply with all US Cyber Command Standing Ground Rules.Responsibilities/Tasks- Characterize the adversary. Research the structure, ideology, intentions, tactics, and capabilities of adversarial organizations to develop threat characterization using a combination of both classified and unclassified sources.
- Contribute to threat emulation. Identify information requirements, develop assessment strategies and collection plans, identify information sources, and develop and conduct research of publicly available information (PAI) in order to determine adversary courses of action and relevant information requirements (IR).
- Analyze and characterize targeted mission, system, network, component, or capability and conduct analysis appropriate to the program, identify essential functions/tasks and critical assets necessary to perform them as determined by the program leader.
- Contribute to developing adversary courses of action (CoA). Develop courses of action an adversary could employ in and through cyberspace directed against customer personnel, equipment, facilities, networks, information and information systems, infrastructure, and supply chains.
- Support field assessments from an adversary perspective. In conjunction with DoD Red Team Partners, conduct field assessments and demonstrate cyber courses of actions in accordance with Program Plans, operations orders, ground rules, and other directives.
- Synthesize findings to support vulnerability identification, course of action development, protection studies, trend analyses, risk analysis, and mitigation strategies.
- Develop a comprehensive understanding of the implications of vulnerabilities discovered by the other specialists and fuse those findings with the systems analysis and determine impacts to the national and military missions they support.
- Prepare activity reports including out briefs, senior leader briefs, interim progress reports (IPRs) and briefs, white papers, after action reviews, final reports, risk analysis products, and other documents necessary to convey assessment findings to customers, partners, and other stakeholders.
- Possess a Bachelor's (BS) or Master's (MS) degree in a Computer Science, Computer Forensics, Computer Engineering, Electrical Engineering, or a related technical discipline.
- With a BS, possess a minimum of 7 years (MS, 5 years) demonstrated operational experience in the military, other Federal Government or comparable civilian position in Cyberspace Operations (Offensive Cyberspace Operations, Defensive Cyberspace Operations, and Cyberspace Exploitation) Cyber Red Team, Penetration Testing, and/or Information Operations (IO).
- Demonstrated experienced with at least one automation scripting language (Powershell, Python, Perl, Ruby, Java, etc)
- Current active TS SCI clearance
- Offensive-Security Certified Professional (OSCP)
- Offensive-Security Certified Expert (OSCE)
- Offensive-Security Exploitation Expert (OSEE)
- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
- GIAC Penetration Tester (GPEN)
- GIAC Web Application Penetration Tester (GWAPT)
- CompTIA Security + CE - CySA+ (CSA)
- GICSP GSEC - SSCP - CCNA Security
- Certified Ethical Hacker (CEH) - GSNA - CISA
- Knowledge, Training, or experience working with ICS/SCADA or IoT devices. GICSP, GCIP, GRID or ISA/IEC desirable.
- Have at least five demonstrated years of using open source tools and operating systems or hold a comparable Linux certification
- Possess working knowledge of Department of Defense's Cybersecurity Vulnerability Alert and Incident Response process.
- Possess excellent written and verbal communication skills.
- Possess a working knowledge of Computer Network vulnerability/compliance analysis software.
- Possess working knowledge of RMF processes Possess a working knowledge of Microsoft Office Suite to include an ability to prepare PowerPoint presentations, reports, and white papers.
Vacancy expired!