Yesterday
Top Secret/SCI
Mid Level Career (5+ yrs experience)
$110,000
IT - Security
Lackland AFB, TX (On-Site/Office)
** IAT II Certification AND one of the following certs required: PenTest+, GPEN, OSCP, or GDAT **
Duties:
-Conduct both automated and manual enterprise vulnerability assessments, including conducting regular patch & configuration vulnerability assessments as directed by operational flight leads.
-Conduct Cyber Threat Emulation operations, and coordinate with security teams to strengthen the overall security posture of the AFNet and AFIN using various tools and capabilities.
-Test for real‐time security vulnerabilities, conduct assessments, and assess vulnerability risk and impact.
-Continuously develop and maintain safe and valid procedures to actively test Enterprise defensive measures. (CDRL A007 & A008)
-Develop mitigations, policies, and procedures to coordinate with internal teams. (CDRL A007)
-Work with incident response team to develop response policies and procedures.
-Generate threat intelligence indicators during the course of Cyber Threat Emulation operations and provide reports back to operators. (CDRL A008)
-Coordinate with internal and external intelligence teams in order to replicate threat actor (TA) Techniques, Tactics, and Procedures (TTPs).
-Research and evaluate threats and vulnerabilities to assist in the prioritization of remediation actions.
-Utilize knowledge and understanding of the Cyber Threat Framework (ODNI) and production of Threat Emulation findings.
-Utilize the MITRE ATT&CK framework to perform cyber security operations testing, and develop improvements based upon adversary behavior.
-Formulate, lead and persuade individuals, large teams and communities on ideas, concepts, and opportunities.
-Leverage research, frameworks, and best practices on the latest exploits and security trends, maintain currency on industry trends, and provide operational reports/assessments for development of tactics, techniques, and procedures. (CDRL A002)
-Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.
-Create, document, and report metrics for analysis to improve weapon system processes and mission execution. (CDRL A009).
-Provide information for operational leadership's tasking as required as it relates to CTE actions.
Qualifications:
-Active TS/SCI
-BA/BS or MA/MS.
-Five (5) years of penetration testing experience.
-Demonstrated advanced knowledge of cyber security operations with mastery of two or more of the following: attack surface management, Security Operations Center (SOC) operations, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) use, threats (including Advanced Persistent Threat (APT), insider), vulnerabilities, and exploits; incident response, investigations and remediation.
-Experience with the PowerShell, Bash, or Python scripting/programming languages.
-Must have a strong understanding of the Linux operating system.
-Extensive knowledge of the MITRE ATT&CK framework and its uses within the cybersecurity community (e.g., open-source projects).
Accelerating IT transformation in the public sector