Red Team Technical Lead

Company: Scientific Research Corporation
Location: Patuxent River
Posted on: January 26, 2023

Job Description:

MINIMUM SKILLS & REQUIREMENTS:
***This opportunity provides a potential customized relocation package as well as the opportunity for a significant sign-on bonuses for top candidates

• 
  
• Bachelor's degree and at least eight (8) years of work-related experience in a relevant technical discipline required, or an equivalent combination of education and experience
  
• Candidate must have an active Secret Clearance with eligibility to obtain a TS/SCI.
  
• Experience with Offensive and Defensive Cyber Threat Operations to include recent Red Team experience with offensive tool sets like Kali Linux, Metasploit, CobaltStrike, Bloodhound, .NET attack toolsets, privilege escalation, etc.
  
• Requires an advanced level of proficiency and application of broad knowledge and experience
  
• Required/Maintain IAT Level III or IAM Level III 8570 certifications include one or more of the following:
  
  • 
    
  • CASP+ CE
    
  • CCNP Security
    
  • CISA
    
  • GIAC Incident Handler (GCIH)
    
  • GIAC Certified Enterprise Defender (GCED)
    
  • CISM
    
  • GSLC
    
  • CCISO
    
  • Certified Information Systems Security Professional (CISSP)
    
    
  • Requires communication, leadership, and team building skills
    
  • Requires artistic, manual, and technical writing skills and the ability to effectively communicate and coordinate with team members, Government Cyber leadership, and middle management
    
    DESIRED SKILLS & REQUIREMENTS:
    
    • 
      
    • Master's Degree in Cyber Security, Computer Engineering, Computer Science, or Information Technology and at least 10+ years' experience in Offensive Cyber Operations or Computer Network Exploitation
      
    • Experience in performing full spectrum offensive and defensive cyber operations (OCO/DCO)
      
    • Experience with operational training programs and qualification standards
      
    • Experience with Intelligence Analysis process
      
    • Desired certifications include one or more of the following:
      
      • 
        
      • TCM Practical Network Penetration Testing (PNPT)
        
      • Offensive Security Certified Professional (OSCP)
        
      • GIAC Penetration Tester (GPEN)
        
        
      • Red Team, Computer Operator or Exploitation Analyst experience with Threat Systems Management and Operations (TSMO), US Air Force, US Navy or National Security Agency (NSA) / Cyber Mission Force teams
        
      • Experience leading teams conducting Cyber Operations
        
        SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT, THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS, A U.S. GOVERNMENT SECURITY CLEARANCE AT THE TOP SECRET / SCI LEVEL
        
        ABOUT US
        Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.
        
        Scientific Research Corporation offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
        
        DIVERSITY & INCLUSION
        We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers.
        
        EQUAL OPPORTUNITY EMPLOYER
        Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.
        All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status.
        
        Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact srchr@scires.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.
        
        Covid 19
        SRC does not currently require COVID-19 vaccinations for its employees. Pending the outcome of various court proceedings and resultant government action, SRC and all other Federal Contractor employees may be required, at some point in the future, to be fully vaccinated subject to accommodations for valid medical or religious reasons. Please visit https://www.saferfederalworkforce.gov/contractors/ to read more about the Federal Government's current position on COVID-19 vaccines for Federal Contractor employees.
        
        
        [#CJ #LI-HK1]
        
        PRIMARY DUTIES & RESPONSIBILITIES:
        The Red Team Technical Lead is responsible for leading the team of Red Team Operators through the design and execution of Red Team Campaigns and exercises.
        
        • 
          
        • Oversee Cyber Operations Team personnel and provide guidance and subject matter expertise to government personnel
          
        • Execute Red Team engagements in a variety of networks using real-world adversarial Tactics, Techniques, and Procedures (TTPs) from conception to report delivery.
          
        • Conduct open-source intelligence gathering, network vulnerability scanning, exploitation of vulnerable services, lateral movement, install persistence in a target network(s), and manage C2 infrastructure.
          
        • Systematically analyze each component of an application with the intent of locating programming flaws that could be leveraged to compromise the software through source code review or reverse engineering.
          
        • Develop payloads, scripts and tools that weaponize new proof-of-concepts for exploitation, evasion, and lateral movement.
          
        • Safely utilize attacker tools, tactics, and procedures when in sensitive environments/devices.
          
        • Evade EDR devices such as Windows Defender and Carbon Black to avoid detection by Defenders/behavioral based alerting in order to further the engagement objectives.
          
        • Demonstrate expertise in one of the following: Active Directory, Software Development, Incident Response, or Cloud Infrastructure.
          
        • Carefully document and log all exploitation activities.
          
        • Continually exercise situational awareness in order quickly identify any instances of cohabitation.
          
        • Document identified vulnerabilities and research corrective/remediation actions in order to recommend a risk mitigation technique(s).
          
        • Demonstrate new vulnerabilities and assist Network Defenders (Blue Team) with the refinement of detection capabilities.
          
        • Maintain knowledge of applicable Red Team policies, Standing Ground Rules, regulations, and compliance documents.
          
        • Communicate effectively with team members and during an engagement.
          
        • Ability to think unconventionally in order to develop adversarial TTPs.
          
        • Keep current with TTPs and the latest offensive security techniques.
          
          

Keywords: Scientific Research Corporation, Alexandria , Red Team Technical Lead, IT / Software / Systems , Patuxent River, Virginia