Today
Secret
Early Career (2+ yrs experience)
150000
IT - Security
Port Hueneme, CA (On-Site/Office)
Labor Category Role Title: Journeyman Red Team Analyst
Required Skills:
• Minimum 3 years of experience in Red Team or Offensive Security operations.
• Bachelor’s degree in Cybersecurity, Electrical Engineering, Computer Science, or related field (or equivalent experience).
• At least one relevant cybersecurity certification
• Proficient in tools such as Cobalt Strike, Sliver, Bloodhound.
• Strong knowledge of Windows and Linux internals.
• Proficient in scripting (Python, PowerShell, Bash).
• Knowledge of secure coding practices.
• Experience with Active Directory exploitation and post-exploitation tactics.
• Capacity to safely conduct operations on cyber-physical systems.
• Strong understanding of network protocols, operating systems, and security controls.
• Knowledge of MITRE ATT&CK framework and threat modeling.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and as part of a team.
Preferred Skills:
• Knowledge of Operational Technology (OT) or Industrial Control Systems (ICS)
• Strong analytical and troubleshooting skills
• Familiarity with OT protocols
• Experience with cloud environments and hybrid infrastructures.
• Prior experience in incident response or Blue Team collaboration.
Day-to-day Responsibilities: The Red Team Analyst is responsible for simulating real-world cyber threats and attacks to assess the organization’s security posture. This role involves planning, executing, and reporting on adversarial exercises to identify vulnerabilities, test detection and response capabilities, and improve overall cyber resilience.
The analyst will contribute to the planning, execution, and reporting of offensive security operations against Operational Technology (OT) targets in alignment with the client’s cybersecurity objectives. Additionally, the cybersecurity professionals will support development of infrastructure, tools, and processes as required to meet NSA DoD Cyber Red Team certification.
The assigned personnel will support Red Team activities targeting mission critical OT systems in various environments. Activities will include:
1. Threat Emulation and Red Team Operations
• Simulate real-world threats targeting ICS/SCADA, PLCs, RTUs, and HMIs.
• Emulate known APT campaigns (e.g., TRITON, INDUSTROYER, BlackEnergy).
• Plan and execute adversarial simulations and penetration tests specifically targeting OT systems, including ICS, SCADA, PLCs, and related devices.
• Develop attack scenarios using threat intelligence and TTPs relevant to OT/ICS environments (e.g., ransomware, supply chain attacks, lateral movement).
• Execute lateral movement from IT to OT environments.
• Assess the security of network segmentation and trust boundaries.
• Conduct physical process manipulation within approved parameters.
• Ensure all activities comply with legal, ethical, safety, and organizational standards, especially regarding operational continuity and safety.
2. Testing and Vulnerability Assessment
• Conduct protocol fuzzing and exploit testing (e.g., Modbus, DNP3, OPC UA, BACnet).
• Enumerate devices, services, and control logic in OT environments.
• Identify insecure configurations, default credentials, and exposed interfaces.
• Provide attack path modeling across converged IT/OT architectures.
• Collaborate with OT security, engineering, and Blue Team personnel to assess and improve detection and response capabilities.
3. Planning and Coordination
• Participate in tabletop exercises and scenario development with engineering and operations teams.
• Assist in defining operational parameters, including Rules of Engagement (RoE), deconfliction processes, and rollback contingencies.
4. Documentation and Reporting
• Document findings with detailed technical reports, including risk assessments and actionable remediation steps tailored to OT environments.
• Participate in post-exercise debriefs and support remediation planning for OT systems.
• Deliver comprehensive technical reports detailing vulnerabilities, impacts, and remediation guidance.
• Present findings to system operators, engineers, facility managers, and senior leadership.
Education:
o Bachelor's or Master's Degree in Cybersecurity, Electrical Engineering, or related field preferred - or experience equivalent
o Offensive Security Certified Professional (OSCP)
o GIAC Response and Industrial Defense (GRID)
o CERT Certified Computer Security Incident Handler
o ECC CEH (Electronic Commerce Council Certified Ethical Hacker)
o GCIH (GIAC Certified Incident Handler)
o GISF (GIAC Information Security Fundamentals)
o CISSP (Certified Information System Security Professional)
Note: Some ad-hoc travel may be requested and ODCs are funded.