What are the responsibilities and job description for the IT Security Expert - Red Team Testing position at Gritter Francona?
Gritter Francona is looking for an IT Security Expert to join our team! The IT Security Expert will serve as part of the Cybersecurity Division by performing various types of assessments for Federal, State / Local / Tribal / Territorial, and Critical Infrastructure / Key Resources environments. The Security Expert will be expected to conduct a ninety (90) day black-box assessment that emulates an external attack from an advanced persistent threat (APT). This black-box-style Red Teaming Assessment (RTA) tests the people, processes, and procedures in addition to the systems and security measures in place.
The IT Security Expert will assist in Vulnerability Management (VM) and Red Teaming Assessment (RTA). Primary responsibilities will include:
- Support initial infrastructure build-out for each Red Team Assessment.
- Support ongoing Red Team Assessments at the direction of the Government.
- Research and create solutions to the evolving problem sets presented within the scope of Red Team Assessments at the direction of the Government.
- Provide input and expertise in the development of SOPs at the direction of the Government.
- Provide user education in support of the VM mission.
- Serve as liaison and coordinate operations between the Federal Lead and the contract support.
- Serve as Subject Matter Expert for the team.
- Guide operational tempo at the discretion of the Federal Lead.
- Attend and participate in briefings and conference calls with the Federal Lead before and after assessment, providing technical expertise when required.
- Minimum 5 years of experience (at least 2 in leadership or management capacity)
- 1 related industry certification (OSCP, OSCE, GPEN, GXPN or equivalent)
- Hands-on experience performing assessments, red team operations, tool development, penetration tests, and others, in all matters relating to information security.
- Be able to accurately convey technical matters to non-technical individuals, which includes, but is not limited to, report development and briefing personnel.
- Knowledge of FISMA and NIST 800 series standards
- In-depth knowledge of network mapping, vulnerability scanning, penetration testing, and Web Application testing
- In-depth knowledge of the procedures of Phishing Assessments, Wireless Assessments, Operating System Security Assessments, and Database Assessments
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Short Term & Long Term Disability
- Training & Development