Blu Omega
Blu Omega is seeking a Red Team Cyber Analyst to join our team onsite in Port Hueneme/Ventura County, CA. In this role, you'll work side by side with a talented team of Cybersecurity professionals, ensuring the security of our DOD customer.
This role requires an Interim Secret Clearance, at minimum.
The Red Team Analyst is responsible for simulating real-world cyber threats and attacks to assess the organization's security posture. This role involves planning, executing, and reporting on adversarial exercises to identify vulnerabilities, test detection and response capabilities, and improve overall cyber resilience. You'll contribute to the planning, execution, and reporting of offensive security operations against Operational Technology (OT) targets in alignment with the client's cybersecurity objectives. Additionally, you'll support development of infrastructure, tools, and processes as required to meet NSA DoD Cyber Red Team certification.
The assigned personnel will support Red Team activities targeting mission critical OT systems in various environments. Activities will include:
1. Threat Emulation and Red Team Operations
Simulate real-world threats targeting ICS/SCADA, PLCs, RTUs, and HMIs. Emulate known APT campaigns (e.g., TRITON, INDUSTROYER, BlackEnergy). Plan and execute adversarial simulations and penetration tests specifically targeting OT systems, including ICS, SCADA, PLCs, and related devices. Develop attack scenarios using threat intelligence and TTPs relevant to OT/ICS environments (e.g., ransomware, supply chain attacks, lateral movement). Execute lateral movement from IT to OT environments. Assess the security of network segmentation and trust boundaries. Conduct physical process manipulation within approved parameters. Ensure all activities comply with legal, ethical, safety, and organizational standards, especially regarding operational continuity and safety.
2. Testing and Vulnerability Assessment
Conduct protocol fuzzing and exploit testing (e.g., Modbus, DNP3, OPC UA, BACnet). Enumerate devices, services, and control logic in OT environments. Identify insecure configurations, default credentials, and exposed interfaces. Provide attack path modeling across converged IT/OT architectures. Collaborate with OT security, engineering, and Blue Team personnel to assess and improve detection and response capabilities.
3. Planning and Coordination
Participate in tabletop exercises and scenario development with engineering and operations teams. Assist in defining operational parameters, including Rules of Engagement (RoE), deconfliction processes, and rollback contingencies.
4. Documentation and Reporting
Document findings with detailed technical reports, including risk assessments and actionable remediation steps tailored to OT environments. Participate in post-exercise debriefs and support remediation planning for OT systems. Deliver comprehensive technical reports detailing vulnerabilities, impacts, and remediation guidance. Present findings to system operators, engineers, facility managers, and senior leadership.
Qualifications:
5+ years of experience in Red Team or Offensive Security operations. Bachelor's degree in Cybersecurity, Electrical Engineering, Computer Science, or related field (or equivalent experience). At least one relevant cybersecurity certification. Proficient in tools such as Cobalt Strike, Sliver, BloodHound. Strong knowledge of Windows and Linux internals. Proficient in scripting (Python, PowerShell, Bash). Knowledge of secure coding practices. Experience with Active Directory exploitation and post-exploitation tactics. Capacity to safely conduct operations on cyber-physical systems. Strong understanding of network protocols, operating systems, and security controls. Knowledge of MITRE ATT&CK framework and threat modeling. Excellent analytical, problem-solving, and communication skills. Ability to work independently and as part of a team.
Nice to Have:
Knowledge of Operational Technology (OT) or Industrial Control Systems (ICS). Strong analytical and troubleshooting skills. Familiarity with OT protocols. Experience with cloud environments and hybrid infrastructures. Prior experience in incident response or Blue Team collaboration.
Certifications (preferred but not required):
OSCP, OSEP, CRTO, GPEN, or similar. High standing in cyber Capture the Flag competitions.
Salary Range:
$120K - $165K. Our final salary offer will be based on several factors, including depth of technical skills, work experience, education, certifications, and clearance.
What Blu Omega Can Offer You:
Competitive benefits including Health Insurance, 401K w/ match, Paid Time Off and more. Results-driven culture that embraces our core values. Rewarding work contributing to our Nation's mission critical programs.
Blu Omega is a Woman Owned Small Business Federal Technology services firm headquartered in Washington DC and supporting clients nationally. We provide Technology solutions for enterprise and government customers. Our team has past performance in a diverse range of programs, including those for Data Management, Cloud/Infrastructure, Software Development and Enterprise Applications.
An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.