EXPLOITATION ANALYST jobs in United States

Amentum · 2 months ago

EXPLOITATION ANALYST

Amentum is looking for an Exploitation Analyst who will develop or oversee development of detailed plans executed by the OPTEVFOR Red Team. The Analyst will function as a subject matter expert in cyberspace operations, identifying capability gaps and coordinating with various organizations to meet test requirements.

Mechanical Engineering · Security · Technical Support
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Serve as an OPTEVFOR 01D Exploitation Analyst supporting cyber survivability policy and process oversight to warfare divisions, becoming proficient in and following OPTEVFOR cyber-T&E concept of operations, SOPs, policies, and guidance
Support sustainment and updating of OPTEVFOR to conduct and instruct Cyber Survivability Test Planning course
Attend OPTEVFOR required meetings in support of OT&E
Inform 01D Future Operations Officer of any challenges and issues in a timely manner for resolution
Maintain and participate in the development of 01D SOPs and OPTEVFOR Cyber test planning documents to include participation in and support of the CCB process
Support the Future Operations Officer to determine overall test strategy and level of cyber-OT&E for acquisition programs
Support the Future Operations Officer in reviewing Test and Evaluation Master Plan (TEMP) (or other types of OT&E resourcing documents), Integrated Evaluation Framework (IEF), test plan or other test planning related documents to ensure adequate test strategies are established within OPTEVFOR policies and guidelines to include adjudication of related comments from stakeholders
Support program specific T&E Integrated Product Team (IPT), cyber table tops and other internal or external events as assigned and non-program specific T&E IPTs, technical exchange meetings, and other briefs and meetings as required
Develop cyber survivability test plans following OPTEVFOR Cyber OT&E procedures and templates and with minimal administrative errors
Coordinate with the warfare divisions and red team operators to ensure defined test objectives are comprehensive and executable, data collection requirements are adequately defined, cyber test capabilities are identified, resourced, and integrated prior to the test plan being signed
Attend test planning visits in support of cyber-OT&E planning
Participate in site pre-test coordination visits. Provide an in brief to the test site
Conduct Pre-Execution Brief to 01D leadership
Prepare library of data needed for test and arrange for its arrival at the test site
Ensure all deconfliction requirements are met prior to test execution in accordance with JFHQ DoDIN and Navy Cyber Defense Operations Command guidance
Lead execution of cyber-OT&E related test events as assigned, supporting cooperative vulnerability penetration assessments and adversarial assessments in accordance with DoD guidance and OPTEVFOR Cyber OT&E policies, guidance and procedures
Coordinate with the OTD, site personnel, program office SMEs, and supporting red teams
Ensure tests are conducted safely and OPTEVFOR policies are adhered to
Follow JFHQ-DODIN deconfliction procedures
Verify collected data for accuracy and completeness
Conduct daily hotwashes during test and submit a daily summary report to the OTD and 01D leadership
Ensure all test objectives are completed
Support the Future Operations Officer during the post-test process to ensure traceability between test objectives, collected data, and post-test deliverables
Coordinate with the OTD to set up post-test meetings
Participate in post-test processes including data upload, scoring board, 01D Review Board, CEWG, SERB, and E-SERB
Lead generation of final report products to ensure the information is technically accurate following OPTEVFOR Cyber OT&E procedures and templates and with minimal administrative errors. This includes drafting the Data Analysis Summary and Results Enclosure and reviewing Blue/Gold Sheets drafted by Red Team Operators

Qualification

Cyberspace operations · Exploitation analysis · Test planning · Microsoft Office Applications · Network security · Detail-oriented work · Written communication · Oral communication · Collaboration

Required

Bachelor's degree in computer science, cybersecurity, or related technical degree OR minimum 5 years' experience in DoD defensive or offensive cyberspace operations planning or exploitation analysis
Proficiency in decomposing complex computer systems/networking configurations in support of system exploitation analysis
Proficiency in Microsoft Office Applications (MS Visio, Project, Excel, PowerPoint, etc.)
Ability to perform detail-oriented work quality assurance/quality control prior to delivery to the government
Excellent written and oral communications skills to support briefing senior leadership (O6/GS-15 or higher)
Knowledge of basic physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, NICs, data storage)
Ability to create comprehensive exploitation strategies that identify exploitable technical or operational vulnerabilities
Ability to collaborate effectively with others
Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means
Knowledge of internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering)
Ability to identify/describe target vulnerability
Knowledge of a wide range of basic communications media concepts and terminology (e.g., computer and telephone networks, satellite, cable, wireless)
Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.)
Knowledge of basic malicious activity concepts (e.g., footprinting, scanning and enumeration)
Knowledge of common networking devices and their configurations
Knowledge of concepts for operating systems (e.g., Linux, Unix)
Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media)
Knowledge of how hubs, switches, routers work together in the design of a network
Knowledge of how internet applications work (Simple Mail Transfer Protocol (SMTP) email, web-based email, chat clients, voice over IP)
Knowledge of Internet and routing protocols
Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection)
Knowledge of the basic structure, architecture, and design of modern communication networks
Skill in recognizing technical information that may be used for leads to enable remote operations (data includes users, passwords, email addresses, IP ranges of the target, frequency in DNI behavior, mail servers, domain servers, SMTP header information)
Knowledge of front-end collection systems, including traffic collection, filtering, and selection
Perform analysis for SUT infrastructure exploitation activities
Collaborate with other internal and external partner organizations on target access and operational issues
Conduct analysis of physical and logical digital technologies (e.g., wireless, supervisory control and data acquisition, telecom) to identify likely avenues of access
Lead or enable exploitation operations in support of organization objectives and target requirements
Maintain awareness of advancements in hardware and software technologies (e.g., attend training or conferences, reading) and their likely implications
Ability to accurately and completely source all data used in intelligence, assessment and/or planning products
Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists
Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products
Knowledge of both internal and external customers and partner organizations, including information needs, objectives, structure, capabilities, etc
Knowledge of client organizations, including information needs, objectives, structure, capabilities, etc
Knowledge of common reporting databases and tools
Knowledge of all relevant reporting and dissemination procedures
Knowledge of strategies and tools for target research
Knowledge of organizational and partner policies, tools, capabilities, and procedures
Knowledge of organizational and partner authorities, responsibilities, and contributions to achieving objectives
Skill in creating plans in support of remote operations
Skill in generating test plans in support of mission requirements
Skill in analyzing network device configurations
Skill in assessing system under test security posture
Skill in documenting the execution and results in conducting a cyber-OT&E event
Ability to incorporate OPTEVFOR Red Team infrastructure and capabilities into OT&E test objective development
Knowledge of the basic structure, architecture, design, and vulnerabilities of communications systems
Knowledge of virtualized and cloud-based systems

Preferred

Security Clearance

Company

Amentum is a technology and engineering company for security, defense, and energy.

Funding

Current Stage
Public Company
Total Funding
$321.16M
2025-03-12 · Post-IPO Secondary · $321.16M
2024-09-27 · IPO
2020-01-01 · Private Equity

Leadership Team

Ajay Nagar, Vice President
Darren Burton, Chief People Officer
Company data provided by crunchbase