Jul 8
Secret
Senior Level Career (10+ yrs experience)
$150,000
Occasional travel
IT - Security
Fort Belvoir, VA (On-Site/Office)
BreakPoint Labs is seeking Cyber Red Team Operators and Developers to support a Department of Defense client in emulating the cyber reconnaissance, exploitation techniques, and attack capabilities of a nation-state peer adversary against a targeted mission, system, network, component, or capability. Successful Operator candidates will be passionate about offensive cyber operations and the technical disciplines involved in emulating sophisticated adversarial activity to demonstrate cyber risk to mission. Cyber Red Team Developers will create new and innovative tools for Operators to use during assessments of critical DoD and U.S. Government networks. Successful Developer candidates will be passionate about supporting offensive cyber operations and building customized post-exploitation tooling. The positions are on-site at Fort Belvoir, VA.
Operator Responsibilities include:
- Plan and execute computer network operations against U.S. government organizations worldwide to strengthen information system security, identify intrusions and vulnerabilities, and recommend mitigation strategies.
- Maintain operational, technical, and authoritative situational awareness during threat emulation-based exploitation and operations.
- Perform advanced penetration tests against U.S. government organizations as required.
- Perform remote operations from Ft. Belvoir, VA, and/or travel to and perform operations on-site at various locations.
- Produce and present formal and informal reports, briefings, and perspectives on adversarial behavior and attacks against target systems, technologies, operations, and missions provided to customers, including DoD Senior Leaders.
- Write high-level technical reports and develop and present briefings documenting findings, concerns, trends, and implications for DoD officials and customers, enabling personnel to consider the most significant technical and high-level factors when committing DoD resources to mitigate identified vulnerabilities and threats to critical national assets, networks, and systems.
- Provide mentorship to other Cyber Red Team Members.
- Support the development of Cyber Red Team training modules, standard operating procedures, assessment planning, assessment reporting, white papers, briefs, and other technical documentation.
Operator Experience Required:
- Offensive security or significant penetration testing experience
- Ability to communicate complex technical and programmatic information, often in the form of verbal and visual operational updates, situational awareness reports, and briefings
- Ability and willingness to complete a client technical aptitude test to validate minimum technical proficiency level.
- DoD Cyber Team experience (desired, not required)
- Expertise in anti-virus evasion, EDR evasion, offensive infrastructure, phishing and social engineering campaigns, and/or penetration testing of critical infrastructure, networking, IoT, and wireless devices (desired, not required)
Certifications Required:
Must hold one of the following DoD 8140/8570 IAT Level III certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Enterprise Defender (GCED)
- CompTIA Advanced Security Practitioner (CASP)
Security Clearance: A Secret clearance is required, as is the ability to obtain a DoD TS/SCI.
Responsibilities for the Developers include:
- Implement an agile software development methodology to deliver custom Cyber Red Team tools for use in post-exploitation activities.
- Expand command and control (C2) (e.g., Cobalt Strike) capabilities using Beacon Object Files (BOFs), user-defined reflective loaders (UDRL), Aggressor Scripts (CNAs), and C/C++/C# tools.
- Develop unique red team assessment tools for remote, local, and persistent cyber operations, including an implant, C2 server, redirector, and operator client.
- Develop shell scripts (e.g., PowerShell, Bash, CMD) only if the capability cannot be developed using a more advanced method such as a BOF, a UDRL, or the in-memory deployment of C/C++/C#.
- Extend existing Windows implant capabilities to Linux, macOS, embedded systems, real-time operating systems, and Cisco IOS via the designated C2 platform (e.g., Cobalt Strike) Beacon or a boutique implant.
- The expected ratio of programming languages utilized is: 50% C/C++ (Beacon Object Files), 25% Sleep (CNAs), 15% C#, 10% other.
- All development should be designed to integrate within the designated C2 platform (e.g., Cobalt Strike) seamlessly, in order to streamline use by Cyber Red Team Operators.
- The preference for all tools that will integrate with the designated C2 platform (e.g., Cobalt Strike) is a BOF, UDRL, C#, or shell script, in that order.
- All capabilities will be delivered with a CNA for easy deployment within designated C2 platform (e.g., Cobalt Strike) beacon, as applicable.
- Ensure all tools developed can bypass antivirus software.
- Develop modular tools in a style that is conducive to discrete unit tests.
- Occasional meetings will be required onsite at Ft. Belvoir. Candidates must live within a commutable distance.
Developer Experience Needed:
- Proficient in offensive capability development for Windows environments
- Proficient in C, C#, and BOF development
- Experience working in an agile/scrum environment
- Ability and willingness to complete a client technical aptitude test to validate minimum technical proficiency level.
- Experience in host-based computer forensics, network-based forensics, cyber incident response, cyber-criminal investigation, intrusion detection/analysis, designing countermeasures and mitigations against potential exploitations of programming language weaknesses and vulnerabilities, cyber red teaming, network penetration testing, security operations center analysis, defensive cyber operations, or offensive cyber operations. (desired, not required)
- Experience in malware development, malware analysis, binary disassembly, binary decompilation, network/communication protocol analysis, software vulnerability research, or software exploit development (desired, not required)
Offensive Security professional certifications (desired, not required)
- Red Team Apprentice Course (RTAC)
- Red Team Journeyman Course (RTJC)
- Certified Red Team Operator (CRTO) certification
- Offensive Security Certified Professional (OSCP)
- Rogue Ops - Red Team 1 (ROPS)
- GIAC Exploit Researcher & Advanced Penetration Tester (GXPN)
- GIAC Penetration Tester (GPEN)
- GIAC Web Application Penetration Tester (GWAPT)
Security Clearance: Ability to obtain a DoD TS/SCI