Red Team Operations Analyst
Experience/Special Knowledge Desired:
- Candidate must have a solid understanding of exploitation and the different exploit/vulnerability classes. Ability to modify exploits and payloads to function with newly introduced defensive countermeasures
- Candidate should have knowledge of system and network configuration for multiple operating systems. Solid understanding of network protocols and their use
- Candidate should think laterally during engagements. Tie together many vulnerabilities or system misconfigurations to achieve your goal within a network
Education: Bachelor’s Degree in a relevant field of study.
Special Knowledge/Skills Required:
This position requires experience with Windows operating systems and security (boot process, subsystems, kernel- and user-level processes, networking, Active Directory, NTFS/NTFS security), Ubuntu, and Kali Linux, in addition to:
- Experience with common attack tools (Immunity CANVAS, Burp, SET)
- Experience with defensive tools (Snort Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), tcpdump, Wireshark, Security Onion IDS Linux Distribution)
- Experience with virtualization solutions
- Experience with the Metasploit Framework, Core Impact, Nmap, Nessus
- Strong communication skills
- OSCP/OSCE (Desired)
- Cisco (CCNA/CCNP)
- CEH (Required)
Specific Duties and Responsibilities include but are not limited to the following:
IIT is seeking a Red Team Operations Analyst with 3-8 years of experience. Candidate will be responsible for performing the following duties:
- Develop attack plans to meet the specified objectives
- Test and rehearse the attack plans and tools prior to the engagement
- Assume the role of the adversary during tests, training and exercises
- Understand and apply Developmental and Operational Test and Evaluation policy and processes to enhance the realism of training, to include:
  - Understand and identify system vulnerabilities, and the critical information, data and processes that must be protected, in the context of system and network attack surfaces
  - Understand and apply Cyber attacker Kill Chain elements, with particular emphasis on attack objectives
  - To better measure training value: Employ appropriate and capture data on Core Cybersecurity Compliance Metrics; Core System Protection Data and Metrics; and Core Cyber Defense Performance Data and Metrics, including mission performance impacts
- Engage in an active fight with the defenders who will be working to repel you from their network
- Coordination with other Red Team operators to achieve the specified goals
- Collaborate with our developers and vulnerability researchers to prioritize the attack tool development
- Develop the mission debriefs to enumerate the success or failure of each attack
- Provide constructive feedback to the defenders on their successes and failures
- Other duties as required.
Candidate will be subject to a Government Security Investigation, and must meet eligibility requirements for access to classified information.
Job Location: Norfolk, VA