Geospatial And Cloud Analytics Inc
Advanced Red Team Operator
Geospatial And Cloud Analytics Inc, Norfolk, Virginia, United States, 23500
The Advanced Red Team Operator leads and executes complex penetration testing and red team operations in support of OPTEVFOR Cyber Operational Test & Evaluation (OT&E). The role provides technical leadership across planning, preparation, execution, and post-test activities; mentors and directs basic and intermediate operators; and ensures compliance with OPTEVFOR policies, DoD guidance, and DCAT authorization requirements.
Qualifications
Offensive Security Certified Professional (OSCP) or equivalent offensive cybersecurity certification
Minimum of six (6) years of experience performing penetration testing, red teaming, and/or exploitation development
Proficiency with multiple offensive cyber tools, including:
Metasploit
Cobalt Strike
Core Impact
Burp Suite
Nessus
SharpHound
Demonstrated ability to detect malicious program activity using dynamic analysis techniques
Ability to independently plan and execute penetration testing and red team activities to accomplish assigned test objectives
Minimum of six (6) years of demonstrated experience leading red team operators to accomplish assigned test objectives
Key Responsibilities
Policy, Procedures, and Governance
Become proficient in and ensure adherence to OPTEVFOR Cyber T&E CONOPS, SOPs, policies, and guidance
Maintain and contribute to development of 01D SOPs and technical documentation supporting DCAT authorization in accordance with DoDI 8585.01
Research, review, prioritize, and submit operational requirements for acquisition of cyber tools and capabilities in accordance with the 01D tool approval process
Lead development and execution of tactics, techniques, and procedures (TTPs) for penetration testing and red team operations
Research adversary cyber actors’ TTPs, organizational structures, capabilities, personas, and operating environments, integrating findings into cyber survivability test planning and execution
Test Planning
Lead and participate in OPTEVFOR cyber test planning activities, including:
Conducting open-source research and reviewing system-under-test (SUT) documentation to understand mission, architecture, interfaces, and critical components
Identifying attack surfaces and threat vectors
Participating in checkpoint meetings
Guiding development of cyber test objectives
Reviewing test plans to ensure objectives are feasible, comprehensive, and executable
Participating in test planning site visits
Test Preparation
Lead preparation activities for cyber OT&E events, including:
Participation in site pre-test coordination visits and support of test site in-briefs
Leading red team test plan reviews
Adding relevant system technical information to the test reference library
Organizing and leading research briefings focused on advanced capability development for future tests
Preparing OPTEVFOR Red Team (OPTEV-RT) Government-furnished test assets
Test Execution
Lead execution of assigned cyber test events, including Cooperative Vulnerability Penetration Assessments, Adversarial Assessments, and Cyber Tabletop exercises, in support of Operational Testing, Developmental Testing, risk-reduction events, and other assigned efforts
Employ OPTEVFOR-provided and NAO-approved commercial and open-source cyber assessment tools, including but not limited to:
Core Impact, Nmap, Burp Suite, Metasploit, Nessus
Apply ethical hacking techniques to exploit discovered vulnerabilities and misconfigurations across:
Operating systems (Windows, Linux, Unix)
Network protocols and services (HTTP, FTP, DNS, PKI, HTTPS)
Execute testing independently while providing technical direction and oversight to Basic and Intermediate operators
Ensure all testing is conducted safely, in accordance with approved test plans and OPTEVFOR policies
Adhere to JFHQ-DoDIN deconfliction procedures
Verify accuracy and completeness of collected test data
Post-Test and Continuous Improvement
Participate in the post-test iterative process, including generation of deficiency and risk documentation
Document lessons learned and drive continuous improvement across red team operations
Generate and update documentation required to maintain DCAT authorization compliance in accordance with DoDI 8585.01
Participate in capture-the-flag events, cyber off-sites, red team huddles, and technical exchange meetings; develop supporting products and materials
Attend OPTEVFOR-required meetings in support of OT&E activities
DCWF Knowledge, Skills, Abilities, and Tasks (KSATs)
Skills
Assessing existing tools to identify capability gaps and improvement opportunities
Testing and evaluating cyber tools for operational implementation
Knowledge management and technical documentation (e.g., wiki-based documentation)
Processing exfiltrated data for analysis and dissemination
Evaluating and validating locally developed tools for operational use
Ability to collaborate with development organizations to create, adapt, and deploy tools required to achieve operational objectives
Ability to develop new techniques for gaining, maintaining, and extending access to target systems
Knowledge
Active defense methodologies and system hardening techniques
Encryption algorithms and cyber tools (e.g., TLS, PGP)
Evasion strategies and exploitation techniques
Forensic implications of operating system structures and processes
Host-based security products and their impact on exploitation
Network administration, construction, and topology
Security hardware and software options and their effects on exploitation artifacts
Security implications of software configurations
Digital forensics fundamentals to extract actionable intelligence
Cryptologic capabilities, limitations, and contributions to cyber operations
Unix/Linux and Windows operating system internals (process management, directory structures, installed applications)
Network collection procedures, including decryption techniques and tools
Knowledge of deconfliction reporting processes, including coordination with external organizations