Ampcus - Reston, VA

posted 6 days ago

Full-time - Entry Level
Remote - Reston, VA
Professional, Scientific, and Technical Services

About the position

The Red Team Operator (Junior Engineer level) is responsible for conducting offensive cyber security operations to assess and enhance the organization's security posture against cyber threats. This role involves performing penetration testing, engaging in collaborative purple teaming exercises, executing multi-stage attack simulations, and providing technical guidance to improve security measures. The position requires a strong understanding of various security tools and techniques, as well as the ability to stay updated on emerging threats.

Responsibilities

  • Conduct Offensive Cyber Security Operations to assess the organization's security posture.
  • Perform Penetration Testing on the Digital Exam Player, web applications, and other systems.
  • Engage in Purple Teaming to enhance defensive capabilities through collaboration with internal teams.
  • Execute Multi-stage Attack Simulations to simulate attacks and assess security measures.
  • Create Threat Mimicry to evaluate defensive capabilities against adversary tactics.
  • Conduct Security Control Evaluations to assess detection and response capabilities of security controls.
  • Investigate C2 Techniques and monitor C2 traffic for anomalies.
  • Provide Technical Guidance to the vulnerability management team and threat hunters.
  • Contribute to Culture Building within Cyber Operations teams.
  • Stay abreast of emerging threats and vulnerabilities affecting web applications.

Requirements

  • A bachelor's degree in computer science or equivalent work experience.
  • 5 years in IT, with at least 1 year in offensive security.
  • Experience in Red/Purple team exercises and penetration testing.
  • Proficiency in C2 frameworks (e.g., Cobalt Strike).
  • Certifications like CEH, OSCP, GWAPT, Sec+, or GIAC preferred.
  • Familiarity with open-source/commercial offensive security tools and cloud-based attacker infrastructure deployment.
  • Strong understanding of web application CWEs, OWASP Top 10, Threat Intelligence, and Threat Profiling.
  • Experience with IDS/IPS, SIEM, network defense tools, DLP technologies, and network security architecture.
  • Proficiency with Burp Suite and testing Web Applications and APIs.
  • Familiarity/experience with Electron framework preferred.
  • Ability to maintain discretion and integrity at all times.
  • Ability to work in the US without sponsorship.

Nice-to-haves

  • Familiarity/experience with Electron framework preferred.