Red Team Engineer - TS/SCI
Job Description:
We are currently seeking a Red Team Engineer who will be responsible for leading the design and execution of adversarial-based security testing on various targets. The successful candidate will be skilled in evaluating environments, applications, systems, or processes to identify weaknesses and exploit them to develop actionable real-world attack strategies. This role involves providing leadership and guidance to advance the operational capabilities of the team and assess risks to the enterprise.
Responsibilities:
- Structure and optimize the Red Team for efficient execution, including implementing programmatic improvements to address existing team gaps.
- Lead and conduct a comprehensive range of Red Team testing, including network penetration, web application testing, threat analysis, wireless network assessments, social engineering testing, and IDS/IPS/Antivirus evasion techniques.
- Utilize expertise in operating systems, networking protocols, firewalls, databases, firmware, middleware, applications, forensic analysis, scripting, and programming for adversarial-based security engagements.
- Develop accurate and comprehensive reports and presentations for both technical and executive audiences.
- Mentor and lead junior technical operators, translating highly technical information effectively for senior management to support mission goals.
- Help define the Red Team strategy to enhance the organization's security posture.
- Communicate findings and strategies clearly to client stakeholders, including technical staff, executive leadership, and legal counsel.
- Provide risk-appropriate and pragmatic recommendations to address vulnerabilities.
- Configure and safely utilize attacker tools, tactics, and procedures to improve the security posture of mission systems.
- Develop scripts, tools, or methodologies to enhance Red Team processes.
Required Skills:
- Bachelor's degree and 15 years of work experience or Master's Degree and 10 years of work experience.
- Experience in network penetration testing and manipulation of network infrastructure.
- Sensitive
- Experience in shell scripting or automation of simple tasks using Perl, Python, or Ruby.
- Experience developing, extending, or modifying exploits, shellcode, or exploit tools.
- Experience with Red, Blue, or Purple teaming exercises.
- Working knowledge of exfiltration and lateral movement tradecraft.
- Working knowledge of OSINT collection/reconnaissance techniques for target selection.
- Strong attention to detail with analytical and problem-solving skills.
- Knowledge of tools used for web application and network security testing, such as Kali Linux, Metasploit, Burp Suite, Cobalt Strike, BloodHound, PowerShell Empire, Nessus, WebInspect, Nmap, Nikto, sqlmap, etc.
- DoD 8570 IAT Level III certification.
Desired Skills:
- A degree in a technical field (Computer Science, IT Engineering, etc).
- Solid understanding of common hosting environments such as containerization platforms (e.g., Docker and Kubernetes) and virtual machines running under hypervisors.
- Experience with source code review for control flow and security flaws.
- Implementation-level familiarity with all common classes of modern exploitation, such as XSS, XML injection (XMLi), SQLi, deserialization attacks, etc.
- Thorough understanding of network protocols, data on the wire, and covert channels.
- Mastery of Unix/Linux/macOS/Windows operating systems, including bash and PowerShell.
- Experience in mobile and/or web application assessments.
- Experience in email, phone, or physical social-engineering assessments.
- Programming skills, as well as the ability to read and assess applications written in multiple languages, such as Java, .NET, C#, or others.
- Experience emulating ransomware and advanced persistent threat (APT) tradecraft in support of Threat Hunt.
- Industry certifications such as OSCP/OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN.
CrowdCyber
Northern Virginia, USA
Send Us Your Resume and Contact Info!