Today
Public Trust
IT - Support
Washington, DC (On-Site/Office)
Mid-Level Red Team Operator
Responsibilities
- Conduct red team exercises against production IT systems, facilities, and personnel.
- Develop and conduct spear phishing campaigns to gain internal network access.
- Conduct exploitation of external-facing assets to gain internal network access.
- Conduct post-exploitation actions toward exercise objectives.
- Conduct on-site physical penetration assessments at various client locations to obtain access to the internal network.
- Use custom code and/or commercial-off-the-shelf (COTS) exploitation frameworks to bypass and penetrate network and system defenses.
- Comply with the unique rules of engagement (ROE) that will be provided for each exercise, along with the standard operating procedures (SOP) for overall Red Team operations.
- Employ red team tradecraft while conducting exercises.
Qualifications
- Minimum 4 years direct, hands-on technical red team and/or computer network exploitation/attack operations experience.
- Minimum 1-2 years technical red team leadership experience.
- Minimum 1-2 years of hands-on experience with using, modifying, and customizing penetration testing and red teaming software frameworks (e.g., Cobalt Strike, Kali) to meet operational requirements.
- Minimum 1-2 years of independently conducting every phase of a red team exercise without guidance or supervision.
- Minimum 1-2 years of hands-on experience developing payloads that bypass A/V and EDR solutions for use in various phases of a red team exercise.
- Minimum 1-2 years mentoring junior and mid-level operators on red team tradecraft and Advanced Knowledge Requirements.
- Minimum 1-2 years of experience in professionally delivering technical red team reports and briefings.
Additional Qualifications
- Ability to independently conduct every phase of a red team exercise without guidance or supervision.
- Hands-on experience developing payloads that bypass A/V and EDR solutions for use in various phases of a red team exercise.
- Ability to mentor junior and mid-level operators on red team tradecraft and Advanced Knowledge Requirements.
- Experience in professionally delivering technical and executive-level red team reports and briefings.
Preferred
- Certifications such as OSCP, OSCE, OSEE, GXPN, and/or GPEN are preferred.