Cimarron Inc.
Cimarron is seeking a mid‑level
Cyber Threat Emulation Analyst
to support the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract at either the Redstone Arsenal in Huntsville, AL or at Schriever Space Force Base in Colorado Springs, CO.
Key Duties
Perform Defensive Cyber Operations (DCO) and Cyber Security Service Provider (CSSP) tasks in alignment with Evaluator Scoring Metrics (ESM).
Conduct proactive and reactive cybersecurity operations on customer networks to strengthen enterprise security.
Analyze threat intelligence and vulnerability data to assess risks and enhance network defense.
Develop, review, and maintain DCO procedures, processes, and supporting documentation.
Evaluate the effectiveness of defense‑in‑depth architecture against known vulnerabilities.
Produce vulnerability assessment reports and escalate findings as needed.
Support enterprise‑wide Incident Response in accordance with DoD regulations and guidance.
Lead cyber event and incident investigations, including data collection, analysis, and reporting.
Contribute to Exploitation Analyst training by instructing, evaluating, and mentoring analysts of all levels.
Review and implement tasking and fragmentary orders issued by Higher Headquarters (HHQ).
Conduct Cyber Threat Emulation (CTE) activities using Automated Security Validation tools per HHQ directives.
Execute adversary‑based CTE engagements to evaluate detection, alerting, and network response.
Develop custom dashboards and reports detailing engagement outcomes, vulnerabilities, and remediation recommendations.
Draft and submit Cyber Tasking Orders (CTOs) to address issues identified during CTE actions.
Partner with the Cyberspace Domain Awareness (CDA) team to create evaluation criteria aligned with HHQ inspections and industry standards.
Required Skills, Experience, and Education
Only U.S. citizens are eligible for consideration.
The position requires access to federal facilities. Candidates must possess a valid, unexpired Real‑ID compliant driver's license or state‑issued ID at the time of hire.
Active Secret Clearance (or higher).
Six or more years of full‑time work experience.
Four or more years of experience with:
Manual or automated penetration testing in an enterprise environment.
Vulnerability assessment, cybersecurity frameworks, or conducting risk assessments.
The full life cycle of incident response and enterprise‑level monitoring.
Current DoD 8570.01‑M IAT Level II certification with Continuing Education (e.g., CySA+, GICSP, GSEC, Security+ CE, SSCP).
Ability to obtain a PenTest+ certification within six months of the start date.
Desired Skills, Experience, and Education
Current PenTest+ Certification.
Active Top Secret Clearance.
Experience with Cyber Threat Emulation tools, policies, and procedures.
Experience operating custom software in a Linux environment.
Experience with security analysis and solutions in WAN/LAN environments, including routers, switches, network devices, and operating systems such as Windows and Linux.
Experience using Security Operations Center (SOC) or Defensive Cyber Operations (DCO) tools such as firewalls, IDS/IPS, Network Security Manager, Bluecoat, and Barracuda.
Experience performing security compliance scans across wide area networks (ACAS/Nessus preferred).
Background in configuration, troubleshooting, and deployment of host‑based security solutions (ESS preferred).
Ability to mentor and train personnel in a dynamic, fast‑paced environment.
Familiarity with DoD Security Operations Centers (SOC), also known as Cybersecurity Service Providers (CSSPs).
Familiarity with DCO/CSSP‑related security policies and procedures.
Bachelor's degree (or higher) in Cybersecurity, Computer Science, or a related field.
Business Profile Cimarron is a global solutions company with a strategic partnering approach to satisfying customer‑driven requirements. We ensure customer success with a modern approach and experienced leadership. Driven by an entrepreneurial spirit, Cimarron is fueled by highly skilled employees, developing new innovative technologies, and delivering superior products and services. We believe in recognizing employees’ worth by offering competitive salaries and benefits, including health, dental, and vision insurance, 401(k) contributions, educational reimbursement, and much more. Cimarron is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or any other characteristic protected by federal, state, or local law.
#J-18808-Ljbffr
Cyber Threat Emulation Analyst
to support the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract at either the Redstone Arsenal in Huntsville, AL or at Schriever Space Force Base in Colorado Springs, CO.
Key Duties
Perform Defensive Cyber Operations (DCO) and Cyber Security Service Provider (CSSP) tasks in alignment with Evaluator Scoring Metrics (ESM).
Conduct proactive and reactive cybersecurity operations on customer networks to strengthen enterprise security.
Analyze threat intelligence and vulnerability data to assess risks and enhance network defense.
Develop, review, and maintain DCO procedures, processes, and supporting documentation.
Evaluate the effectiveness of defense‑in‑depth architecture against known vulnerabilities.
Produce vulnerability assessment reports and escalate findings as needed.
Support enterprise‑wide Incident Response in accordance with DoD regulations and guidance.
Lead cyber event and incident investigations, including data collection, analysis, and reporting.
Contribute to Exploitation Analyst training by instructing, evaluating, and mentoring analysts of all levels.
Review and implement tasking and fragmentary orders issued by Higher Headquarters (HHQ).
Conduct Cyber Threat Emulation (CTE) activities using Automated Security Validation tools per HHQ directives.
Execute adversary‑based CTE engagements to evaluate detection, alerting, and network response.
Develop custom dashboards and reports detailing engagement outcomes, vulnerabilities, and remediation recommendations.
Draft and submit Cyber Tasking Orders (CTOs) to address issues identified during CTE actions.
Partner with the Cyberspace Domain Awareness (CDA) team to create evaluation criteria aligned with HHQ inspections and industry standards.
Required Skills, Experience, and Education
Only U.S. citizens are eligible for consideration.
The position requires access to federal facilities. Candidates must possess a valid, unexpired Real‑ID compliant driver's license or state‑issued ID at the time of hire.
Active Secret Clearance (or higher).
Six or more years of full‑time work experience.
Four or more years of experience with:
Manual or automated penetration testing in an enterprise environment.
Vulnerability assessment, cybersecurity frameworks, or conducting risk assessments.
The full life cycle of incident response and enterprise‑level monitoring.
Current DoD 8570.01‑M IAT Level II certification with Continuing Education (e.g., CySA+, GICSP, GSEC, Security+ CE, SSCP).
Ability to obtain a PenTest+ certification within six months of the start date.
Desired Skills, Experience, and Education
Current PenTest+ Certification.
Active Top Secret Clearance.
Experience with Cyber Threat Emulation tools, policies, and procedures.
Experience operating custom software in a Linux environment.
Experience with security analysis and solutions in WAN/LAN environments, including routers, switches, network devices, and operating systems such as Windows and Linux.
Experience using Security Operations Center (SOC) or Defensive Cyber Operations (DCO) tools such as firewalls, IDS/IPS, Network Security Manager, Bluecoat, and Barracuda.
Experience performing security compliance scans across wide area networks (ACAS/Nessus preferred).
Background in configuration, troubleshooting, and deployment of host‑based security solutions (ESS preferred).
Ability to mentor and train personnel in a dynamic, fast‑paced environment.
Familiarity with DoD Security Operations Centers (SOC), also known as Cybersecurity Service Providers (CSSPs).
Familiarity with DCO/CSSP‑related security policies and procedures.
Bachelor's degree (or higher) in Cybersecurity, Computer Science, or a related field.
Business Profile Cimarron is a global solutions company with a strategic partnering approach to satisfying customer‑driven requirements. We ensure customer success with a modern approach and experienced leadership. Driven by an entrepreneurial spirit, Cimarron is fueled by highly skilled employees, developing new innovative technologies, and delivering superior products and services. We believe in recognizing employees’ worth by offering competitive salaries and benefits, including health, dental, and vision insurance, 401(k) contributions, educational reimbursement, and much more. Cimarron is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or any other characteristic protected by federal, state, or local law.
#J-18808-Ljbffr