Apply on Employer Site

Command Post Technologies, Inc · 1 week ago

Senior Cyber Red Team Operator (Penetration Testing)

Patuxent River, MD

Full-time

Onsite

Senior Level, Lead/Staff

10+ years exp

Command Post Technologies, Inc. (CPT) is a Service-Disabled Veteran-Owned Small Business providing engineering services in Cyber Security and Software Development. The role involves performing adversarial threat emulation and penetration testing to assess the performance of aeronautical systems and government networks, while identifying vulnerabilities in operational networks and programs.

Cyber SecurityInformation TechnologySecurity

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Perform adversarial threat emulation (Red Teaming) and penetration testing to assess the performance of aeronautical systems, subsystems, equipment (platform IT), and on government networks including Windows domains, Linux systems, switches, routers, and other connected network devices

Apply and/or develop highly advanced principles, concepts, and tactics

Identify issues and vulnerabilities associated with operational networks and programs

Qualification

Penetration testingRed team operationsCybersecurity certificationsOffensive security experienceOpen source toolsIP network protocolsExploit developmentWeb application testingBash scriptingPythonPowerShellTeam collaboration

Required

Bachelor's degree in related discipline, or equivalent experience/combined education and/or advanced certification

Active TS Security Clearance with SCI or SCI eligibility

At least 10 years of pen testing, red team operations, and/or offensive security experience including experience conducting on-net assessments

Experience operating open source and commercial tools such as Metasploit, Burp Suite, Cobalt Strike, NMAP, Core Impact, etc

Working knowledge of IP network protocols, subnetting, routing, switching, etc

Experience in one or more of the following cybersecurity disciplines: Penetration testing of modern Windows and Linux operating systems and IP-based networks; Exploit and malware development targeting modern operating systems and defenses; Reverse engineering; Web application penetration testing; Software development; Hardware hacking; Cryptography; Software defined networks; Digital forensics; Control systems; and/or Radio Frequency (RF)

Ability to work in a diverse team environment

Industry certification of EC-Council Certified Ethical Hacker (C|EH) and ISC2 Certified Information Systems Security Professional (CISSP) or their equivalents are required

Be able to obtain one or more of the following vendor certifications within 6 months of being hired: Offensive Security Certified Engineer (OSCE); Offensive Security Certified Professional (OSCP); and GIAC Certified Exploit Researcher and Advanced Penetration Testers (GXPN)

Preferred

Cyber related military training courses such as Title 10 Interactive On-Net Operator Course, Joint Cyber Analysis Course (JCAC), and Cyber Operations Specialist Qualification Course

Industry certification of Offensive Security Certified Professional (OSCP) is highly desirable

Specialization in web application penetration testing is a plus

Experience with WiFi and/or Software Defined Radio (SDR) hacking is a plus

Experience with red team / adversarial emulations is a plus

Experience executing Close Access Team (CAT) assessments is a plus

Experience with weapon systems assessments is a major plus

Experience with bash scripting, Python, and/or PowerShell is a major plus

Experience working in a cyber range is a major plus