What are the responsibilities and job description for the Cyber Red Team Operator with Security Clearance position at Breakpoint Labs, LLC?
Cyber Red Team Operator
BreakPoint Labs is seeking Cyber Red Team Operators to support a Department of Defense client in emulating potential nation-state peer adversary cyber reconnaissance, exploitation techniques, and attack capabilities against a targeted mission, system, network, component, or capability. Successful candidates will be passionate about offensive cyber operations and the technical disciplines involved in emulating sophisticated adversarial activity to demonstrate cyber risk-to-mission.
Responsibilities include:
- Plan and execute computer network operations against U.S. government organizations worldwide to strengthen information system security, identify intrusions and vulnerabilities, and recommend mitigation strategies.
- Maintain operational, technical, and authoritative situational awareness during threat emulation-based exploitation and operations.
- Perform advanced penetration tests against U.S. government organizations as required.
- Perform remote operations from Ft. Belvoir, VA, and/or travel to and perform operations on-site at various locations.
- Produce and present formal and informal reports, briefings, and perspectives on adversarial behavior and attacks against target systems, technologies, operations, and missions provided to customers, including DoD Senior Leaders.
- Write high-level technical reports and develop and present briefings documenting findings, concerns, trends, and implications for DoD officials and customers, enabling personnel to consider the most significant technical and high-level factors when committing DoD resources to mitigate identified vulnerabilities and threats to critical national assets, networks, and systems.
- Provide mentorship to other Cyber Red Team Members.
- Support the development of Cyber Red Team training modules, standard operating procedures, assessment planning, assessment reporting, white papers, briefs, and other technical documentation.
Experience:
- Offensive security or significant penetration testing experience
- Ability to communicate complex technical and programmatic information, often in the form of verbal and visual operational updates, situational awareness reports, and briefings
- Ability and willingness to complete a client technical aptitude test to validate minimum technical proficiency level
- DoD Cyber Team experience (desired, not required)
- Expertise in anti-virus evasion, EDR evasion, offensive infrastructure, phishing and social engineering campaigns, and/or penetration testing of critical infrastructure, networking, IoT, and wireless devices (desired, not required)
- Cyber Red Team professional certifications and training (desired, not required)
  ○ Red Team Apprentice Course (RTAC)
  ○ Red Team Journeyman Course (RTJC)
  ○ Certified Red Team Operator (CRTO) certification
  ○ Offensive Security Certified Professional (OSCP)
  ○ Rogue Ops - Red Team 1 (ROPS)
  ○ GIAC Exploit Researcher & Advanced Penetration Tester (GXPN)
  ○ GIAC Penetration Tester (GPEN)
  ○ GIAC Web Application Penetration Tester (GWAP)
- Experience working with Command and Control (C2) frameworks such as Cobalt Strike highly desired
Certifications:
- Must hold one of the following DoD 8140 / 8570 IAT Level III certifications:
  ○ Certified Information Systems Security Professional (CISSP)
  ○ Certified Information Systems Auditor (CISA)
  ○ GIAC Certified Incident Handler (GCIH)
  ○ GIAC Certified Enterprise Defender (GCED)
  ○ CompTIA Advanced Security Practitioner (CASP)
Security Clearance: Minimum Secret with the ability to obtain a DoD TS / SCI