Yesterday
Secret
Early Career (2+ yrs experience)
No Traveling
IT - Security
Fort Belvoir, VA (On-Site/Office)
Cyber Red Team Operator
BreakPoint Labs is seeking Cyber Red Team Operators to support a Department of Defense client emulate potential nation-state peer adversary cyber reconnaissance, exploitation techniques, and attack capabilities against a targeted mission, system, network, component, or capability. Successful candidates will be passionate about offensive cyber operations and the technical disciplines involved in emulating sophisticated adversarial activity to demonstrate cyber risk-to-mission.
Responsibilities include:
● Plan and execute computer network operations against U.S. government organizations
worldwide to strengthen information system security, identify intrusions and
vulnerabilities, and recommend mitigation strategies.
● Maintain operational, technical, and authoritative situational awareness during threat
emulation-based exploitation and operations.
● Perform advanced penetration tests against U.S. government organizations as required.
● Perform remote operations from Ft. Belvoir, VA, and/or travel to and perform operations
on-site at various locations.
● Produce and present formal and informal reports, briefings, and perspectives on
adversarial behavior and attacks against target systems, technologies, operations, and
missions provided to customers, including DoD Senior Leaders.
● Write high-level technical reports and develop and present briefings documenting
findings, concerns, trends, and implications for DoD officials and customers, enabling
personnel to consider the most significant technical and high-level factors when
committing DoD resources to mitigate identified vulnerabilities and threats to critical
national assets, networks, and systems.
● Provide mentorship to other Cyber Red Team Members.
● Support the development of Cyber Red Team training modules, standard operating
procedures, assessment planning, assessment reporting, white papers, briefs, and other
technical documentation.
Experience:
● Offensive security or significant penetration testing experience
● Ability to communicate complex technical and programmatic information, often in the
form of verbal and visual operational updates, situational awareness reports, and
briefings
● Ability and willingness to complete client technical aptitude test to validate minimum
technical proficiency level.
● DoD Cyber Team experience (desired, not required)
● Expertise in anti-virus evasion, EDR evasion, offensive infrastructure, phishing and
social engineering campaigns, and/or penetration testing of critical infrastructure,
networking, IoT, and wireless devices (desired, not required)
● Cyber Red Team professional certifications and training (desired, not required)
○ Red Team Apprentice Course (RTAC)
○ Red Team Journeyman Course (RTJC)
○ Certified Red Team Operator (CRTO) certification
○ Offensive Security Certified Professional (OSCP)
○ Rogue Ops- Red Team 1 (ROPS)
○ GIAC Exploit Researcher & Advanced Penetration Tester (GXPN)
○ GIAC Penetration Tester (GPEN)
○ GIAC Web Application Penetration Tester (GWAP)
● Experience working with Command and Control (C2) frameworks such as Cobalt Strike highly desired
Certifications:
● Must hold one of the following DoD 8140/8570 IAT Level III certifications:
○ Certified Information Systems Security Professional (CISSP)
○ Certified Information Systems Auditor (CISA)
○ GIAC Certified Incident Handler (GCIH)
○ GIAC Certified Enterprise Defender (GCED)
○ CompTIA Advanced Security Practitioner (CASP)
Security Clearance: Minimum Secret with the ability to obtain a DoD TS/SCI
BreakPoint Labs is seeking Cyber Red Team Operators to support a Department of Defense client emulate potential nation-state peer adversary cyber reconnaissance, exploitation techniques, and attack capabilities against a targeted mission, system, network, component, or capability. Successful candidates will be passionate about offensive cyber operations and the technical disciplines involved in emulating sophisticated adversarial activity to demonstrate cyber risk-to-mission.
Responsibilities include:
● Plan and execute computer network operations against U.S. government organizations
worldwide to strengthen information system security, identify intrusions and
vulnerabilities, and recommend mitigation strategies.
● Maintain operational, technical, and authoritative situational awareness during threat
emulation-based exploitation and operations.
● Perform advanced penetration tests against U.S. government organizations as required.
● Perform remote operations from Ft. Belvoir, VA, and/or travel to and perform operations
on-site at various locations.
● Produce and present formal and informal reports, briefings, and perspectives on
adversarial behavior and attacks against target systems, technologies, operations, and
missions provided to customers, including DoD Senior Leaders.
● Write high-level technical reports and develop and present briefings documenting
findings, concerns, trends, and implications for DoD officials and customers, enabling
personnel to consider the most significant technical and high-level factors when
committing DoD resources to mitigate identified vulnerabilities and threats to critical
national assets, networks, and systems.
● Provide mentorship to other Cyber Red Team Members.
● Support the development of Cyber Red Team training modules, standard operating
procedures, assessment planning, assessment reporting, white papers, briefs, and other
technical documentation.
Experience:
● Offensive security or significant penetration testing experience
● Ability to communicate complex technical and programmatic information, often in the
form of verbal and visual operational updates, situational awareness reports, and
briefings
● Ability and willingness to complete client technical aptitude test to validate minimum
technical proficiency level.
● DoD Cyber Team experience (desired, not required)
● Expertise in anti-virus evasion, EDR evasion, offensive infrastructure, phishing and
social engineering campaigns, and/or penetration testing of critical infrastructure,
networking, IoT, and wireless devices (desired, not required)
● Cyber Red Team professional certifications and training (desired, not required)
○ Red Team Apprentice Course (RTAC)
○ Red Team Journeyman Course (RTJC)
○ Certified Red Team Operator (CRTO) certification
○ Offensive Security Certified Professional (OSCP)
○ Rogue Ops- Red Team 1 (ROPS)
○ GIAC Exploit Researcher & Advanced Penetration Tester (GXPN)
○ GIAC Penetration Tester (GPEN)
○ GIAC Web Application Penetration Tester (GWAP)
● Experience working with Command and Control (C2) frameworks such as Cobalt Strike highly desired
Certifications:
● Must hold one of the following DoD 8140/8570 IAT Level III certifications:
○ Certified Information Systems Security Professional (CISSP)
○ Certified Information Systems Auditor (CISA)
○ GIAC Certified Incident Handler (GCIH)
○ GIAC Certified Enterprise Defender (GCED)
○ CompTIA Advanced Security Practitioner (CASP)
Security Clearance: Minimum Secret with the ability to obtain a DoD TS/SCI
group id: 90987816
