By Light Professional IT Services

Returning Candidate?

Cyber Assessment Team Lead

Cyber Assessment Team Lead

ID 
2018-2349
# of Openings 
1
Job Locations 
US-MD-Fort Meade
Posted Date 
6/26/2018
Category 
Information Technology
Clearance 
TS/SCI w/ Polygraph

More information about this job

Overview

Provides technical cyber security knowledge and analysis of highly specialized applications and operational environments, high-level functional systems analysis, design, integration, documentation and implementation advice on exceptionally complex problems that need extensive knowledge of the subject matter for effective implementation. SME services may include guidance on plans and policies for: penetration testing, incident response, risk/vulnerability assessments, cyber hunt, evaluation of system architecture, and procedures and policy review to ensure compliance and operational defensive cyber posture.

 

By Light is an IT products and services firm specializing in software development, satellite/terrestrial communications, cyber security, and network engineering/design. Headquartered in Arlington, VA, we provide support worldwide to DOD, Federal Civilian, and Health IT customers.

Responsibilities

  • Align information technology (IT) with the organization’s mission essential functions and tasks to identify Mission Relevant Terrain - Cyber (MRT-C). A process referred to as “mission decomposition.”
  • Based on “Mission Decomposition” determine operational risk (risk to mission) based on threat and vulnerability in accordance with DOD and USCYBERCOM directives and NIST publications.
  • Debrief senior commanders and directors to articulate risk, and to allow for the request for the resources needed to mitigate that risk.
  • Build and lead Cyber Assessment Team engagements for our internal customers.
  • Define and develop the scope of prospective engagements, leading engagements from initial stages through implementation and remediation.
  • Provide subject matter expertise focusing on red [RH1] team operations, working to test defensive mechanisms in an organization.
  • Provide hands-on, penetration testing and Red Team engagement expertise.
  • Oversee vulnerability assessments on a wide variety of technologies and implementations utilizing both automated tools and manual techniques.
  • Oversee development of scripts, tools and methodologies to enhance Cyber Assessment Team processes.
  • Develop scenarios and simulate sophisticated cyberattacks to identify vulnerabilities.
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
  • Help mentor and develop less experienced staff.

Required Experience/Qualifications

  • Must be DoD 8570.01-M IAT level II compliant – CompTIA Security+ or equivalent.
  • Experience in concept and TTP development for emulation of Cyber Adversaries.
  • Experience in exercise planning, MESL development, and execution of COCOM, Fleet, and Special Operations cyber assessments and exercises.
  • Experience in remote exploitation technical capabilities and TTP.
  • Experience in Close Access Team technical capabilities and TTP.
  • Experience in management of hardware/software operational infrastructure associated with Red Team types of “attack platforms.”
  • Experience in operation of commercial and open source network cyber assessment tools (e.g. Core Impact and Rapid7 Metasploit).
  • Experience in computer network platforms, architecture, programming languages and/or development/testing methodology for networked systems.
  • Experience in operational Risk Management (ORM) concepts and application.
  • Experience in application of industry standards for secure software development and lifecycle management.
  • Experience in design, development, testing, modification and operational application of attack and exploitation tools. (to include familiarity with industry standard software engineering concepts and languages such as C+, Python, PHP, etc.).
  • Experience in exploitation and vulnerabilities associated with most common operating systems (Windows, Linux, etc.), protocols (HTTP, FTP, etc.), and network security services (PKI, HTTPS, etc.).
  • Experience in improvising courses of action (COAs) and capability development/modification during operations (i.e. remote access/exploitation and close access team operations) to achieve desired red teaming effects.
  • Experience in development, modification, and utilization of network enumeration engines, Open Source Research (OSR) engines, and reverse engineering exploitation frameworks.
  • Experience in development of network systems and architectures to allow Red Team operations in a non-traceable and non-attributable manner.
  • Experience in development of advanced hacking capabilities (e.g. botnet, client deception, advanced Trojans, data exfiltration, mobile device discovery and exploitation).

Preferred Experience/Qualifications

  • Bachelor’s degree from an accredited institution.

Special Requirements/Security Clearance

  • Active TS/SCI, Counter-Intelligence Polygraph.

 

An Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

#CJ