Red Team Operator

Amentum is currently seeking Red Team Operators that will assist in the development of cyber test plans, execute cyber tests, and report cyber test results. The Red Team Operator will conduct cyber tests on operational systems, in laboratory environments, or in cyber range environments. Testing may be against physical, virtualized, or cloud-based systems. Candidate must be eligible to obtain a security clearance. Roles and Responsibilities Review and become proficient in OPTEVFOR cyber-T&E concept of operations, SOPs, policies and guidance. Maintain and participate in the development of 01D SOPs and documentation for DCAT authorization established in DoDI 8585.01. Research, review, prioritize, and submit operational requirements for acquisition of equipment or cyber capabilities, following the 01D tool approval process. Support development and execution of TTPs for penetration testing or Red Teaming. Research adversary cyber actors’ TTPs, organizational structures, capabilities, personas, and environments, and integrate findings into cyber survivability test planning and execution. Participate in OPTEVFOR Cyber Test planning: Conduct open-source research and system under test documentation review to familiarize with the system’s mission, architecture and interfaces including critical components to identify its attack surface and threat vectors Participate in check point meetings Guide development of test plan objectives Review test plans, ensuring that test plans objectives are feasible Participate in test planning site visits Participate in test preparation: Participate in site pre-test coordination visits. Support in-brief to the test site. Lead red team test plan review Add relevant system technical information to test reference library Organize and lead research presentations for advanced capability development in support of future tests Prepare OPTEV-RT test assets (Government Furnished) Execute test events, including Cooperative Vulnerability Penetration Assessments, Adversarial assessments, and Cyber Tabletops, in support of Operational Testing, Developmental Testing, risk reduction events, or other events, as assigned. Use OPTEVFOR provided and NAO approved commercial and open-source network cyber assessment tools (e.g. Core Impact, Nmap, Burp, Metasploit, and Nessus). Employee ethical hacking expertise to exploit discovered vulnerabilities and misconfigurations associated with but not limited to operating systems (Windows, Linux, etc.), protocols (HTTP, FTP, etc.), and network security services (PKI, HTTPS, etc.) to accomplish test objectives Be able to accomplish testing independently and provide direction to basic and intermediate operators Ensure tests are conducted safely, in accordance with the test plan, and OPTEVFOR policies are adhered to. Follow Joint Forces Headquarters (JFHQ)-DODIN deconfliction procedures Verify collected data for accuracy and completeness. Participate in the post-test iterative process, including generation of documents (e.g. deficiency/risk sheets) Document lessons learned. Participate in capture the flag events, cyber off sites, external engagements such as red team huddles and red team technical exchange meetings; develop required products and materials in support of these events. Attend OPTEVFOR required meetings in support of OT&E. Generate and update documentation to maintain DCAT authorization compliance per DoDI 8585.0. Qualifications Basic Operator Certified Ethical Hacker (CEH), equivalent, or higher certification. Minimum 1 year of experience performing any combination of penetration testing, red teaming, or exploitation development. Proficient in at least two operating systems, to include Windows, Linux, or Unix variants. Proficient in at least one of the following offensive tools: Metasploit Cobalt Strike Core Impact Independently operate to conduct penetration testing/red teaming under the guidance of a senior or mid red team operator to accomplish assigned test objectives. Independently generate red team report documents. Requirements Analyze target operational architecture for ways to gain access. Conduct network scouting and vulnerability analyses of systems within a network. Conduct on-net and off-net activities to control, and exfiltrate data from deployed, automated technologies. Conduct open-source data collection via various online tools. Conduct survey of computer and digital networks. Deploy tools to a target and utilize them once deployed (e.g., backdoors, sniffers). Exploit network devices, security devices, and/or terminals or environments using various methods or tools. Facilitate access enabling by physical and/or wireless means. Identify points of strength and vulnerability within a network. Skill in determining installed patches on various operating systems and identifying patch signatures. Skill in extracting information from packet captures. Skill in identifying the devices that work at each level of protocol models. Skill in interpreting vulnerability scanner results to identify vulnerabilities. Skill in processing collected data for follow-on analysis. Skill in remote command line and graphical user interface tool usage. Skill in using tools, techniques, and procedures to exploit a target. Skill in verifying the integrity of all files. Knowledge of basic physical computer components and architectures, including the functions of various components and peripherals (e.g., Central Processing Unit (CPU), Network Interface Card (NIC), data storage). Knowledge of auditing and logging procedures (including server-based logging). Knowledge of basic programming concepts (e.g., levels, structures, compiled vs. interpreted languages). Knowledge of malware. Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc. Knowledge of structure, approach, and strategy of exploitation tools (e.g., sniffers, keyloggers) and techniques (e.g., gaining backdoor access, collecting/exfiltrating data, conducting vulnerability analysis of other systems in the network). Knowledge of system administration concepts for Unix/Linux and/or Windows operating systems. Knowledge of the basic structure, architecture, and design of modern communication networks. Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications. Knowledge of virtual machine technologies. Knowledge of collection management processes, capabilities, and limitations. Ability to interpret and translate customer requirements into operational action. Ability to perform network collection tactics, techniques, and procedures to include decryption capabilities/tools. Intermediate Operator Offensive Security Certified Professional (OSCP) or equivalent certification Minimum 3 years’ experience performing any combination of: penetration testing, red teaming, or exploitation development. Proficient in multiple offensive tools, including: Metasploit Cobalt Strike Core Impact Burp Suite Nessus SharpHoundBloodHound Ability to validate functionality and safety of offensive tools (e.g. exploits) given the source code and document the results. Ability to detect malicious activity of a program using dynamic analysis techniques and document the results. Independently operate to conduct penetration testing/red teaming to accomplish assigned test objectives Meets all requirements for a basic red team operator in addition to the following: Skill in assessing current tools to identify needed improvements. Skill in knowledge management, including technical documentation techniques (e.g., Wiki page). Knowledge of current software and methodologies for active defense and system hardening. Knowledge of encryption algorithms and cyber capabilities/tools (e.g., Transport Layer Security, Pretty Good Privacy). Knowledge of evasion strategies and techniques. Knowledge of forensic implications of operating system structure and operations. Knowledge of host-based security products and how they affect exploitation and vulnerability. Knowledge of network administration. Knowledge of network construction and topology. Knowledge of security hardware and software options, including the network artifacts they induce and their effects on exploitation. Knowledge of security implications of software configurations. Knowledge of the fundamentals of digital forensics in order to extract actionable intelligence. Knowledge of cryptologic capabilities, limitations, and contributions to cyber operations. Knowledge of Unix/Linux and Windows operating systems structures and internals (e.g., process management, directory structure, installed applications). Knowledge of network collection procedures to include decryption capabilities/tools, techniques, and procedures. Advanced Operator Advanced red team operator must meet all qualification requirements of an intermediate red team operator in addition to the following: Minimum 6 years’ experience performing any combination of: penetration testing, red teaming, or exploitation development. Minimum 6 years with proficiency in leading red team operators in penetration testing/red teaming to accomplish assigned test objectives. Meets all requirements for an intermediate access network operator in addition to the following: Knowledge of deconfliction reporting to include external organization interaction. Collaborate with development organizations to create and deploy the tools needed to achieve objectives. Develop new techniques for gaining and keeping access to target systems. Preferred Requirements Security Clearance Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed, marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal laws and supplemental language at Labor Laws Posters. Welcome back! We encourage you to check on the status of your current job applications with us. You can also search for a list of our current job openings and see if there are any new positions that might be a good fit for you. Thank you for continued interest in employment with Amentum. For more than 100 years, Amentum has tackled the world’s toughest challenges to deliver agile and steadfast solutions to the U.S. government and its allies. With more than 50,000 employees on all seven continents and in more than 60 countries, Amentum delivers a broad range of operational support services to meet the critical needs of our clients. Our headquarters are in Chantilly, VA. Find us online at https://www.amentum.com/ If you need a reasonable accommodation for any part of the employment process, please contact us by email at TAOps@amentum.com and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. EEO including Disability/Protected Veterans Labor Laws Posters Amentum has become aware of unauthorized individuals who are falsely using the Amentum name and /or logo in an attempt to solicit fees from potential job seekers. These deceptive and unauthorized individuals are soliciting money, promising placement in a position with Amentum. Please note any communication requesting any amount of money in exchange for employment with Amentum is fraudulent. These communications do not originate from Amentum and are not associated with the recruitment process. Amentum and its affiliates never charge candidates fees or payments of any kind in order to secure employment. As a precaution, we recommend you do not disclose personal or financial details to anyone as a response to an unsolicited email, social media, or dating website request. Amentum will never as ask for a placement fee or any other fee to expedite the hiring process. If you are contacted by anyone offering employment with Amentum, you should never be asked to pay a fee for recruiting. Amentum personnel will always send email from an identifiable corporate account (ending in @amentum.com) and never from a public email account like Yahoo!, Google, Gmail, or Hotmail. If you are contacted regarding a fraudulent employment proposal, we encourage you to alert your local law enforcement agency/police authority. To read more about Amentum’s commitment to ethics, please click here.