Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Jobs InfoSec Jobs

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Red Team Operator (Offensive Security Specialist)
Company TIME Systems
Location Charleston SC/ Remote
Preferred GIAC Certifications GCIH GPEN, GWAPT, GAWN, GCPN, GXPEN
Travel 10%
Salary Depends on Experience
URL https://timesystemsllc.com/careers/red-team-operator/
Contact Name MShrewsbury
Contact Email mshrewsbury/at/sans.org
Expires 2021-09-10

Job Description

Successful candidates will be joining a team of industry experts as part of the government Red Team supporting local and remote operations; dynamically emulating threat actors to identify risk, strengthen security posture, and improve client’s detection/response capabilities through short and long-term engagements. VETERANS ENCOURAGED TO APPLY

You will perform network penetration, web application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments. Pre-Operation duties include assisting with crafting mission objectives, mission planning, setting up infrastructure, and mentoring less experienced staff. Post- operation activities include writing precise/accurate reports and effectively presenting findings to both technical and executive audiences.

Duties and Responsibilities:
Execute Red Team engagements in a variety of networks using real-world adversarial Tactics, Techniques, and Procedures (TTPs) from conception to report delivery.
Conduct open-source intelligence gathering, network vulnerability scanning, exploitation of vulnerable services, lateral movement, install persistence in a target network(s), and manage C2 infrastructure.
Systematically analyze each component of an application with the intent of locating programming flaws that could be leveraged to compromise the software through source code review or reverse engineering.
Develop payloads, scripts and tools that weaponize new proof-of-concepts for exploitation, evasion, and lateral movement.
Safely utilize attacker tools, tactics, and procedures when in sensitive environments/devices.
Evade EDR devices such as CarbonBlack and Falcon to avoid detection by Defenders/behavioral based alerting in order to further the engagement objectives.
Demonstrate expertise in one of the following: Active Directory, Software Development, Incident Response, or Cloud Infrastructure.
Carefully document and log all exploitation activities.
Continually exercise situational awareness in order quickly identify any instances of cohabitation.
Document identified vulnerabilities and research corrective/remediation actions in order to recommend a risk mitigation technique(s).
Demonstrate new vulnerabilities and assist Network Defenders (Blue Team) with the refinement of detection capabilities.
Maintain knowledge of applicable Red Team policies, Standing Ground Rules, regulations, and compliance documents.
Communicate effectively with team members and clients in the course of an engagement. Ability to think unconventionally in order to develop novel adversarial TTPs.
Keep current with training and the latest offensive security techniques.

Requirements:
Possess specialized experience in Red Teaming, Computer Network Attack (CNA), Computer Network Exploitation (CNE), Computer Network Defense (CND), Bug Bounties, or Penetration Testing.

Technical knowledge of security engineering, computer and network security, authentication, security protocols and applied cryptography.

Experience with offensive tool sets like Kali Linux, Metasploit, CobaltStrike, CommandoVM, BlackArch Linux, Parrot OS, etc.

Experience with at least one of the following scripting languages: PowerShell, Bash, Python, or Ruby. Experience in using network protocol analyzers and sniffers, as well as ability to decipher packet captures. Candidate must have an active Secret Clearance with eligibility to obtain a TS/SCI.
Possess strong analytical and problem-solving skills.

Habitually practice excellent independent, disciplined, organizational, and personal project management skills. Proven ability to work effectively with management, staff, vendors, and external consultants.
Capable of simultaneously managing multiple projects from start to finish.

Exceptional written skills and able to explain highly technical topics to a wide range of audiences.

Maintain minimum required professional certifications to meet DoD 8570 requirements, including CEH, SEC+, CySA+, PenTest+, CCNP, CISSP, GCIH CISM, etc.

Preferred Professional and Technical Expertise
A Bachelor’s Degree (or higher) and five (5) years of recent specialized experience in Computer Science or a related technical field OR;
An Associate’s Degree and seven (7) years of relevant specialized experience OR;
A relevant Offensive/Red Team/PenTest Certification from organizations such as TCM Security (CPEH/PNPT),
SANS (GPEN, GWAPT, GAWN, GCPN, GXPEN), Crest (CSAT, CSAM), eLearnSecurity (eCPPT, eCPTX, eWPTX,
eCXD), Offensive Security (OSCP, OSWP, OSEP, OSWE, OSED, OSEE), or demonstrable equivalent skills AND seven (7) years of recent specialized experience OR;
Eleven (11) years of recent specialized experience.
Additional Requirements and Skills:
Occasional lifting of 25 pounds+ may be required. Prior Military experience is desirable.

TIME Systems, LLC is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.