Apply on Employer Site

Millennium · 5 months ago

Red Team Operator

Norfolk, VA

Full-time

Onsite

Senior Level

6+ years exp

Millennium Corporation has been a leader in cybersecurity for two decades, specializing in Red Team Operations, Defensive Cyber Operations, Software Engineering, and Technical Engineering. They are seeking a Red Team Operator to conduct vulnerability assessments and collaborate with Cyber Test Engineers to enhance the security of systems for DoD and federal clients.

Asset ManagementFinanceFinancial ServicesHedge Funds

No H1B

Security Clearance Required

Responsibilities

Conduct open source research and system under test documentation review to familiarize with the system’s mission, architecture and interfaces including critical components to identify its attack surface and threat vectors

Work with the customer Cyber Test Engineers and subject matter experts to generate specific test objectives for incorporation into the overall test plan

Conduct cooperative vulnerability penetration assessments and adversarial assessments in accordance with DoD guidance and Cyber OT&E policies, guidance and procedures

Participate in customer Cyber Survivability Test Planning Check Points, pre-coordination meetings and conduct pre-execution site surveys

Attend site visits and conduct manual examination of system and network configurations, system logs, and devices

Observe, collect, and analyze Cyber OT&E test data in accordance with the customer Cyber OT&E policies, guidance and procedures

Provide and/or support pre and post-test execution meetings and briefs

Use customer provided and Navy Authorizing Official approved commercial and open source network cyber assessment tools (e.g. Core Impact, Nmap, Burp, Metasploit, and Nessus)

Employee ethical hacking expertise to exploit discovered vulnerabilities and misconfigurations associated with but not limited to operating systems (Windows, Linux, etc.), protocols (HTTP, FTP, etc.), and network security services (PKI, HTTPS, etc) to accomplish test objectives

Research various cyber actors’ TTPs, organizational structures, capabilities, personas, and environments, and integrate findings into Cyber Survivability test planning and execution

Develop and utilize program specific testing methodology for threat emulation and vulnerability validation

Participate in program specific technical exchanges, cyber table tops, risk reduction events, and planning events

Conduct and coordinate JHQ DoDIN directed deconfliction process

Qualification

Cybersecurity experienceRed team testing methodologyEthical hacking expertiseTS/SCI clearanceOperational Risk ManagementProposal writing supportTechnical documentation