Job Details

ID #16681026
State Virginia
City Fortbelvoir
Job type Permanent
Salary USD TBD TBD
Source Pacific Architects and Engineers Incorporated - Military Friendly 2021 Silver Employer
Showed 2021-07-12
Date 2021-07-01
Deadline 2021-08-30
Category Internet engineering
Create resume

Red Cyber Operator

Virginia, Fortbelvoir, 22060 Fortbelvoir USA

Vacancy expired!

Supporting the Most Exciting and Meaningful Missions in the World

Red Cyber Operator

RED CYBER OPERATOR: Defense Threat Reduction Agency (DTRA), Fort Belvoir, VA

The DTRA Cyber Red Team is an applicant DoD Cyber Red Team looking for motivated, self-starters to help build the organization's red cyber capability and capacity in support of the Certification and Accreditation (C&A) process. The candidate's contributions will play an important role in the C&A process.

Red Cyber Operators (RCO) emulate a potential adversary's offensive cyberspace operations and exploitation techniques against a targeted mission, system, network, component, or capability.

RCOs action information gathered from readily available open source internet resources to identify exposed or compromised information, vulnerabilities and misconfigurations. The RCOs employ tools against these compromises, to demonstrate a loss of confidence in the target's functional and security posture forcing the target to operate in a degraded, disrupted, or denied cyber environment. RCOs will be assigned to both White and Red Cells.

Prior to physical assessment operations, the RCOs will work closely with Red Cyber Analysts to identify targets, research, scan, and map networks. During these components of the assessment, RCOs will not deliver effects that could be categorized as anything but Reconnaissance or collecting technical targeting data. The purpose of reconnaissance is to gather information for network and information system characterization, identifying and gathering information on organizations through users that are determined to be of high value in answering PIRs or in the development of follow-on Red Team operations.

When authorized by the customer, asset owner, or other stakeholder, the Red Cyber Operator will demonstrate a potential adversary's offensive based cyberspace operations or intelligence collection capabilities against a targeted mission or capability. Demonstrations will be performed under a "White Card" and conform to ethical, aka white hat hacking principles. All activities performed by Red Cyber Operators will comply with all US Cyber Command Standing Ground Rules.

Responsibilities/Tasks
  • Characterize the adversary. Research the structure, ideology, intentions, tactics, and capabilities of adversarial organizations to develop threat characterization using a combination of both classified and unclassified sources.
  • Contribute to threat emulation. Identify information requirements, develop assessment strategies and collection plans, identify information sources, and develop and conduct research of publicly available information (PAI) in order to determine adversary courses of action and relevant information requirements (IR).
  • Analyze and characterize targeted mission, system, network, component, or capability and conduct analysis appropriate to the program, identify essential functions/tasks and critical assets necessary to perform them as determined by the program leader.
  • Contribute to developing adversary courses of action (CoA). Develop courses of action an adversary could employ in and through cyberspace directed against customer personnel, equipment, facilities, networks, information and information systems, infrastructure, and supply chains.
  • Support field assessments from an adversary perspective. In conjunction with DoD Red Team Partners, conduct field assessments and demonstrate cyber courses of actions in accordance with Program Plans, operations orders, ground rules, and other directives.
  • Synthesize findings to support vulnerability identification, course of action development, protection studies, trend analyses, risk analysis, and mitigation strategies.
  • Develop a comprehensive understanding of the implications of vulnerabilities discovered by the other specialists and fuse those findings with the systems analysis and determine impacts to the national and military missions they support.
  • Prepare activity reports including out briefs, senior leader briefs, interim progress reports (IPRs) and briefs, white papers, after action reviews, final reports, risk analysis products, and other documents necessary to convey assessment findings to customers, partners, and other stakeholders.

Required Skills/Qualifications
  • Possess a Bachelor's (BS) or Master's (MS) degree in a Computer Science, Computer Forensics, Computer Engineering, Electrical Engineering, or a related technical discipline.
  • With a BS, possess a minimum of 7 years (MS, 5 years) demonstrated operational experience in the military, other Federal Government or comparable civilian position in Cyberspace Operations (Offensive Cyberspace Operations, Defensive Cyberspace Operations, and Cyberspace Exploitation) Cyber Red Team, Penetration Testing, and/or Information Operations (IO).
  • Demonstrated experienced with at least one automation scripting language (Powershell, Python, Perl, Ruby, Java, etc)
  • Current active TS SCI clearance
Possess at least ONE (1) of the following certifications or obtain within 180 days of hire:
  • Offensive-Security Certified Professional (OSCP)
  • Offensive-Security Certified Expert (OSCE)
  • Offensive-Security Exploitation Expert (OSEE)
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • GIAC Penetration Tester (GPEN)
  • GIAC Web Application Penetration Tester (GWAPT)

Possess at least ONE (1) of the following certifications based on DoD 8570.1-M requirements at a minimum IAT Level II:
  • CompTIA Security + CE - CySA+ (CSA)
  • GICSP GSEC - SSCP - CCNA Security
  • Certified Ethical Hacker (CEH) - GSNA - CISA

Desired Skills:
  • Knowledge, Training, or experience working with ICS/SCADA or IoT devices. GICSP, GCIP, GRID or ISA/IEC desirable.
  • Have at least five demonstrated years of using open source tools and operating systems or hold a comparable Linux certification
  • Possess working knowledge of Department of Defense's Cybersecurity Vulnerability Alert and Incident Response process.
  • Possess excellent written and verbal communication skills.
  • Possess a working knowledge of Computer Network vulnerability/compliance analysis software.
  • Possess working knowledge of RMF processes Possess a working knowledge of Microsoft Office Suite to include an ability to prepare PowerPoint presentations, reports, and white papers.

#LI-PRIORITY

#Cyber #CyberSecurity #Analyst #Security+ #Penetration #Pentesting #CEH # +CE # #CIH #Threat #CySA+

PAE is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran's status, ancestry, sexual orientation, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.

EEO is the Law Poster

EEO is the Law Poster Supplement

Vacancy expired!

Subscribe Report job