Basic Red Team Operator

Geospatial And Cloud Analytics Inc

Norfolk, VA
Full Time
Paid
  • Responsibilities

    The Basic Red Team Operator supports OPTEVFOR Cyber Operational Test & Evaluation (OT&E) activities by conducting penetration testing and red team operations under the guidance of intermediate or advanced red team operators. The role contributes to test planning, preparation, execution, and post-test activities in support of cooperative vulnerability penetration assessments, adversarial assessments, and cyber tabletop events.

    Qualifications

    Certified Ethical Hacker (CEH) certification or equivalent/higher offensive cybersecurity certification

    Minimum of one (1) year of experience performing penetration testing, red teaming, and/or exploitation development

    Proficiency in at least two operating systems, including Windows, Linux, or Unix variants

    Proficiency with at least one offensive security tool, such as:

    Metasploit

    Cobalt Strike

    Core Impact

    Ability to operate independently to conduct penetration testing or red team activities under guidance from senior or intermediate operators

    Ability to independently generate red team reports and supporting documentation

    Key Responsibilities

    Orientation and Tooling

    Become proficient in OPTEVFOR Cyber Test & Evaluation CONOPS, SOPs, policies, and guidance

    Research and submit operational requirements for acquisition of cyber tools and equipment in accordance with the 01D tool approval process

    Support development and execution of tactics, techniques, and procedures (TTPs) for penetration testing and red team operations

    Test Planning

    Participate in OPTEVFOR cyber test planning activities, including:

    Conducting open-source research and reviewing system-under-test (SUT) documentation to understand mission, architecture, interfaces, and critical components

    Identifying attack surfaces and potential threat vectors

    Participating in checkpoint meetings

    Supporting development of test objectives

    Reviewing test plans to ensure objectives are feasible and executable

    Participating in test planning site visits

    Test Preparation

    Support preparation for cyber OT&E execution, including:

    Participation in site pre-test coordination visits and delivery of test site in-briefs

    Reviewing approved test plans

    Adding relevant information and artifacts to the test library

    Conducting focused research on SUTs and presenting findings to the red team

    Preparing OPTEVFOR Red Team test assets and environments

    Test Execution

    Execute assigned cyber test events, including Cooperative Vulnerability Penetration Assessments, Adversarial Assessments, and Cyber Tabletops, in support of Operational Testing, Developmental Testing, risk reduction events, and other assigned events

    Employ OPTEVFOR-provided and NAO-approved commercial and open-source cyber assessment tools, including but not limited to:

    Core Impact, Nmap, Burp Suite, Metasploit, Nessus

    Apply ethical hacking techniques to exploit discovered vulnerabilities and misconfigurations associated with:

    Operating systems (Windows, Linux, Unix)

    Network protocols and services (HTTP, FTP, DNS, PKI, HTTPS)

    Execute assigned tasks independently with oversight from intermediate or advanced operators

    Ensure all testing is conducted safely, in accordance with approved test plans and OPTEVFOR policies

    Adhere to JFHQ-DoDIN deconfliction procedures

    Verify accuracy and completeness of collected test data

    Post-Test Activities

    Participate in the post-test iterative process, including development of deficiency and risk documentation

    Document lessons learned and contribute to continuous improvement of red team operations

    Participate in capture-the-flag events, cyber off-sites, red team huddles, and technical exchange meetings; develop required products and materials to support these activities

    Attend OPTEVFOR-required meetings in support of OT&E activities

    DCWF Knowledge, Skills, Abilities, and Tasks (KSATs)

    Tasks & Abilities

    Analyze target operational architectures to identify access vectors

    Conduct network reconnaissance, scouting, and vulnerability analysis

    Perform on-net and off-net activities to control and exfiltrate data

    Conduct open-source intelligence (OSINT) collection

    Deploy and utilize exploitation tools (e.g., backdoors, sniffers)

    Exploit network, security, and endpoint devices using approved methods

    Facilitate access via physical or wireless means

    Identify network strengths, weaknesses, and vulnerabilities

    Translate customer requirements into operational actions

    Skills

    Interpreting vulnerability scan results

    Extracting and analyzing packet capture data

    Using remote command-line and GUI tools

    Processing collected data for follow-on analysis

    Verifying file integrity

    Determining patch levels and identifying patch signatures

    Knowledge

    Computer hardware components and architectures (CPU, NICs, storage)

    Auditing and logging procedures

    Programming fundamentals

    Malware concepts

    Network infrastructure devices (routers, switches, firewalls)

    Exploitation tool structures and techniques

    System administration concepts for Windows and Unix/Linux

    Network architectures, protocols, and services (TCP/IP, DNS, web, mail)

    Virtual machine technologies

    Collection management processes, capabilities, and limitations