Booz Allen Hamilton

Red Team Operator, Senior

Posted on: 4 Jan 2021

Fort Belvoir, VA

Job Description


Key Role:

Assess the state of the client organization's cybersecurity efforts from the perspective of an adversary with malicious intent targeting their people, processes, and technologies. Process cyber threat intelligence in accordance with the intelligence cycle. Build an understanding of the types of tactics, techniques, and procedures (TTPs) these adversaries may employ that would be most damaging to the organization's security posture. Leverage the MITRE ATT&CK framework to develop threat models and methodologies in building operational engagement plans. Create test cases for each individual TTP found in ATT&CK, as well as custom and more advanced variants, to assess the organization's coverage across a spectrum of intrusion sets and scenarios. Develop and use malware, pivoting, and privilege escalation to test the organization's security effectiveness. Ensure that Red Team operations performed on production environments are done in a safe and responsible manner.

Basic Qualifications:

- 5 years of experience in an IT or Cybersecurity field

- 2 years of experience with DoD Red Team operations, offensive penetration testing, or cyber threat emulation

- Experience with one or more scripting languages, including Python, Bash, JavaScript, or PowerShell

- Knowledge of OWASP, MITRE ATT&CK, and CIS Critical Security Controls

- Knowledge of testing tools, including Kali Linux, Metasploit, Nmap, Burp Suite, Qualys, Nessus, OWASP, Powersploit, or Cobalt Strike

- Knowledge of network mapping, vulnerability scanning, penetration testing, Web Application testing, database operations, and system or network administration

- Knowledge of the procedures of phishing assessments, wireless assessments, operating system security assessments, and database assessments

- Active TS/SCI clearance

- AA or AS degree

- DoD 8140 IAM III Certification

Additional Qualifications:

- Knowledge of testing API, AWS, Azure, and other Cloud-based environments preferred

- GIAC, GPEN, GWAPT, GXPN, OSWE, OSCP, OSCE, OSWP, or OSEE Certification

- CEH, CASP+ CE, CCNP Security, CISA, CISSP, GCED, GCIH, AWS, or Azure Certification preferred

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We're an EOE that empowers our people, no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic, to fearlessly drive change.

Booz Allen Hamilton

McLean, VA

We are a global firm of approximately 26,300 diverse, passionate, and exceptional people driven to excel, do right, and realize positive change in everything we do.

We bring bold thinking and a desire to be the best in our work in consulting, analytics, digital solutions, engineering, and cyber, and with industries ranging from defense to health to energy to international development.

We celebrate and value diversity in all its forms; it’s something we truly value as a multicultural community of problem solvers. We believe in corporate and individual citizenship that make our communities better places for all.

We have one guiding purpose—to empower people to change the world. Our founder, Edwin Booz said it best: “Start with character… and fear not the future.” We bring a ferocious integrity to not only train our clients to tackle the problems they face today, but to help them change the status quo for tomorrow. Each day, we imagine, invent, and deliver new ways to better serve our employees, our clients, and the world. 
