Advanced Red Team Operator jobs in United States
cer-icon
Apply on Employer Site
company-logo

GCA · 2 days ago

Advanced Red Team Operator

positionNorfolk, VA 23462
timeFull-time
remoteOnsite
senioritySenior Level
date6+ years exp

GCA is a minority veteran owned small business providing solutions in the intelligence and information technology industries. The Advanced Red Team Operator leads complex penetration testing and red team operations, providing technical leadership and ensuring compliance with policies and guidance.

Information Technology & Services
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Become proficient in and ensure adherence to OPTEVFOR Cyber T&E CONOPS, SOPs, policies, and guidance
Maintain and contribute to development of 01D SOPs and technical documentation supporting DCAT authorization in accordance with DoDI 8585.01
Research, review, prioritize, and submit operational requirements for acquisition of cyber tools and capabilities in accordance with the 01D tool approval process
Lead development and execution of tactics, techniques, and procedures (TTPs) for penetration testing and red team operations
Research adversary cyber actors’ TTPs, organizational structures, capabilities, personas, and operating environments, integrating findings into cyber survivability test planning and execution
Lead and participate in OPTEVFOR cyber test planning activities, including: Conducting open-source research and reviewing system-under-test (SUT) documentation to understand mission, architecture, interfaces, and critical components
Identifying attack surfaces and threat vectors
Participating in checkpoint meetings
Guiding development of cyber test objectives
Reviewing test plans to ensure objectives are feasible, comprehensive, and executable
Participating in test planning site visits
Lead preparation activities for cyber OT&E events, including: Participation in site pre-test coordination visits and support of test site in-briefs
Leading red team test plan reviews
Adding relevant system technical information to the test reference library
Organizing and leading research briefings focused on advanced capability development for future tests
Preparing OPTEVFOR Red Team (OPTEV-RT) Government-furnished test assets
Lead execution of assigned cyber test events, including Cooperative Vulnerability Penetration Assessments, Adversarial Assessments, and Cyber Tabletop exercises, in support of Operational Testing, Developmental Testing, risk-reduction events, and other assigned efforts
Employ OPTEVFOR-provided and NAO-approved commercial and open-source cyber assessment tools, including but not limited to: Core Impact, Nmap, Burp Suite, Metasploit, Nessus
Apply ethical hacking techniques to exploit discovered vulnerabilities and misconfigurations across: Operating systems (Windows, Linux, Unix), Network protocols and services (HTTP, FTP, DNS, PKI, HTTPS)
Execute testing independently while providing technical direction and oversight to Basic and Intermediate operators
Ensure all testing is conducted safely, in accordance with approved test plans and OPTEVFOR policies
Adhere to JFHQ-DoDIN deconfliction procedures
Verify accuracy and completeness of collected test data
Participate in the post-test iterative process, including generation of deficiency and risk documentation
Document lessons learned and drive continuous improvement across red team operations
Generate and update documentation required to maintain DCAT authorization compliance in accordance with DoDI 8585.01
Participate in capture-the-flag events, cyber off-sites, red team huddles, and technical exchange meetings; develop supporting products and materials
Attend OPTEVFOR-required meetings in support of OT&E activities

Qualification

Offensive Security Certified ProfessionalPenetration TestingRed Team OperationsDynamic Analysis TechniquesOffensive Cyber ToolsTechnical DirectionCollaboration with DevelopmentDeveloping New Techniques

Required

Offensive Security Certified Professional (OSCP) or equivalent offensive cybersecurity certification
Minimum of six (6) years of experience performing penetration testing, red teaming, and/or exploitation development
Proficiency with multiple offensive cyber tools, including: Metasploit, Cobalt Strike, Core Impact, Burp Suite, Nessus, SharpHound
Demonstrated ability to detect malicious program activity using dynamic analysis techniques
Ability to independently plan and execute penetration testing and red team activities to accomplish assigned test objectives
Minimum of six (6) years of demonstrated experience leading red team operators to accomplish assigned test objectives

Company

GCA

twitter
Glassdoor3.4
company-logo
GCA is a veteran owned small business providing solutions to customer requirements in every realm of the intelligence and information technology industries to include, imagery/intelligence analysis, related systems engineering and administration, operations and maintenance, networking and VTC services.
dateFounded in 2015
location
Manassas, VA, US
people-size11-50 employees
web-link
https://www.gcanext.com

Funding

Current Stage
Early Stage

Leadership Team

leader-logo
Anthony Tannoya
Chief Executive Officer
linkedin
leader-logo
Michael Dorr
Vice President & COO
linkedin
Company data provided by crunchbase