Red Team Operator

Mission Multiplier - Huntsville, AL

posted 5 days ago

Full-time - Senior
Huntsville, AL

About the position

Mission Multiplier is seeking a Red Team Operator to enhance cybersecurity measures through red team activities. This role involves assessing the security of systems, conducting penetration testing, and collaborating with clients to develop effective security strategies. The operator will utilize advanced threat modeling and ethical hacking practices to identify vulnerabilities and improve defensive measures.

Responsibilities

  • Assess the logical, social, and physical security of systems under test (SUT) using emulated adversarial and traditional penetration testing tools.
  • Conduct advanced persistent threat modeling and live emulation throughout the MITRE ATT&CK framework.
  • Perform static and dynamic application security testing (SAST/DAST) via automated and manual testing.
  • Coordinate with client and contract leadership to develop mission Rules of Engagement (RoE).
  • Conduct Cyber Threat Intelligence collection and analysis on the SUT using OSINT techniques.
  • Collaboratively develop threat-based test plans with Blue operators.
  • Plan Red Team adversarial infrastructure, targeting, and weaponeering required to execute test plans successfully.
  • Oversee implementation and refinement of attack infrastructure.
  • Execute test plans per plan, reviewing outcomes with Blue operators iteratively.
  • Assess overall security of system from adversarial perspective pre- and post-engagement.
  • Prepare and deliver detailed mission reports for both technical and executive audiences.
  • Conduct technical exchanges with Blue operators and other Federal Red and Purple teams.
  • Develop and deliver customized cyber defense training tailored to client's specific configurations.

Requirements

  • Minimum of 8+ years of related experience with red team activities, primarily focused on government systems.
  • Ability to obtain a High Public Trust Clearance.
  • Possesses ethical hacking and/or tradecraft training certification, such as the CEH, Pen+, or OSCP/E.
  • Possesses cybersecurity certification, such as the Sec+ or CISSP.
  • Knowledge of principles and practices of ethical hacking and cybersecurity.
  • Knowledge of NIST SP 800 series and Agile software development lifecycle (SDLC).
  • Demonstrated proficiency in cyber targeting and weaponeering, and adversarial emulation of tools and tradecraft.

Nice-to-haves

  • Demonstrated ability to perform penetration testing - SAST, DAST, and OSCA (automated and manual).
  • Demonstrated ability of basic coding (C, Python, Java).
  • Demonstrated ability to perform advanced scripting (PowerShell and bash).
  • Demonstrated ability to perform cloud infrastructure development and deployment (AWS, Azure, or Google).

Benefits

  • Group Life Insurance
  • Voluntary Life/AD&D Insurance
  • Medical Insurance
  • Secondary/GAP Insurance
  • Dental Coverage
  • Vision Coverage
  • Short-Term Disability Insurance
  • Long-Term Disability Insurance
  • Accident Insurance
  • Critical Illness Insurance
  • 401k (w/ employer match) after six (6) months of continuous service

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service