What are the responsibilities and job description for the Program Manager- Red Team Testing position at Gritter Francona?
Gritter Francona is looking for an IT Security Expert/Program Manager to join our team! The Expert/Program Manager will serve as part of the Cybersecurity Division by performing various types of assessments for Federal, State / Local / Tribal / Territorial, and Critical Infrastructure / Key Resources environments. The employee will be expected to conduct a ninety (90) day black-box assessment that emulates an external attack from an advanced persistent threat (APT). This black-box Red Teaming Assessment (RTA) tests the people, processes, and procedures in addition to the systems and security measures in place.
The Security Expert/Program Manager will assist in Vulnerability Management (VM) and Red Teaming Assessment (RTA). Primary responsibilities will include a mix of program management and technical duties:
- Operational Red Team Testing job functions:
- Support initial infrastructure build-out for each Red Team Assessment.
- Support ongoing Red Team Assessments at the direction of the Government.
- Research and create solutions to the evolving problem sets presented within the scope of Red Team Assessments at the direction of the Government.
- Provide input and expertise in the development of SOPs at the direction of the Government.
- Provide user education in support of the VM mission.
- Serve as liaison and coordinate operations between the federal lead and the contract support.
- Program Management job functions:
- Provide overall strategic management
- Define program scope and objectives
- Manage schedule, budget and risk
- Develop program management plans, work breakdown structures, master schedules, resource plans, status reports and risk management documentation
- Minimum 5 years of operational experience (at least 2 in leadership or management capacity)
- 1 related industry certification (OSCP, OSCE, GPEN, GXPN or equivalent)
- Hands-on experience performing assessments, red team operations, tool development, penetration tests, and others, in all matters relating to information security.
- Be able to accurately convey technical matters to non-technical individuals, which includes, but is not limited to, report development and briefing personnel.
- Knowledge of FISMA and NIST 800 series standards
- In-depth knowledge of network mapping, vulnerability scanning, penetration testing, and Web Application testing
- In-depth knowledge of the procedures of Phishing Assessments, Wireless Assessments, Operating System Security Assessments, and Database Assessments
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Short Term & Long Term Disability
- Training & Development