Description
Command Post Technologies, Inc. (CPT) is seeking a Cyber Security Evaluation & Testing (CSET) Team Member that can actively participate and fulfill the tasks required of the CSET Team.
Responsibilities:
- Oversee CSET Team operators and provide guidance and subject matter expertise to government personnel.
- Support offensive security/red team/adversarial emulation testing.
- Execute Red Team engagements in a variety of networks using real-world adversarial Tactics, Techniques, and Procedures (TTPs) from conception to report delivery.
- Develop comprehensive security testing strategies and programs to provide assurance that security controls are designed and operating effectively.
- Develop innovative accelerators, tools, mechanisms, and processes to enhance the security team's velocity and scale to customer needs.
- Facilitate multiple stakeholders to agree on appropriate solutions and verify that risks are mitigated appropriately. Demonstrate creativity, insight, intellectual flexibility, and sound business judgment throughout the process.
- Work independently but collaborate with cross-functional teams to provide security engineering consulting and control design recommendations to reduce risk.
- Conduct open-source intelligence gathering, network vulnerability scanning, exploitation of vulnerable services, and lateral movement; install persistence in target network(s); and manage C2 infrastructure.
- Systematically analyze each component of an application with the intent of locating programming flaws that could be leveraged to compromise the software through source code review or reverse engineering.
- Develop payloads, scripts and tools that weaponize new proof-of-concepts for exploitation, evasion, and lateral movement.
- Safely utilize attacker tools, tactics, and procedures when in sensitive environments/devices.
- Evade EDR devices such as Windows Defender and Carbon Black to avoid detection by Defenders/behavioral based alerting to further the engagement objectives.
- Demonstrate expertise in one of the following: Active Directory, Software Development, Incident Response, or Cloud Infrastructure.
- Carefully document and log all exploitation activities.
- Continually exercise situational awareness to quickly identify any instances of cohabitation.
- Document identified vulnerabilities and research corrective/remediation actions to recommend a risk mitigation technique(s).
- Demonstrate new vulnerabilities and assist Network Defenders (Blue Team) with the refinement of detection capabilities.
- Maintain knowledge of applicable Red Team policies, Standing Ground Rules, regulations, and compliance documents.
- Communicate effectively with Team Members during an engagement.
- Ability to think unconventionally to develop adversarial TTPs.
- Keep current with TTPs and the latest offensive security techniques.
Requirements
- Bachelor's degree in computer science; engineering; mathematics; management of information systems; cybersecurity; or a related field of study.
- 5+ years of cyber adversarial emulation experience to include penetration testing of modern Windows and Linux operating systems, IP-based networks and protocols, 802.11 networks, and/or web applications.
- 10+ years of experience in leading complex and technically diverse teams of cyber personnel (software developers, system admins, pen testers, incident responders, etc.).
- Intermediate knowledge of known Advanced Persistent Threat (APT) actor Techniques, Tactics, and Procedures (TTPs), to include familiarity with terminology from MITRE ATT&CK used to describe TTPs used in cyberattacks.
- Intermediate knowledge of techniques and tools used for exploit development of common operating systems, software debugging, and application fuzzing.
- Intermediate knowledge of tools and techniques used for incident response, reverse engineering, and digital forensics.
- Strong oral communication skills, ability to project confidence and enthusiasm, in the following core areas: formal presentations; soliciting goals and requirements from range users; explaining adversarial emulation in the context of testing and training events; effectively communicating event and environment requirements to CSET members; explaining cost estimates based on estimated levels of CSET effort; managing expectations as relevant to CSET TTPs; and explaining technical nuances and significant attributes of advanced cyberattacks to non-cyber-savvy audiences.
- Superior technical writing skills, including the ability to author, review, and provide clear input/feedback to documents drafted by CSET personnel.
- Ability to create convincing technical briefing materials relevant to a range of training and test events.
- Be able to work independently and to collaborate with cyber range and event leadership, CSET Team Members, users, and other event stakeholders.
- Required: maintain IAT Level III or IAM Level III 8570 certification, including one or more of the following:
- CASP+ CE
- CCNP Security
- CISA
- GIAC Incident Handler (GCIH)
- GIAC Certified Enterprise Defender (GCED)
- CISM
- GSLC
- CCISO
- Certified Information Systems Security Professional (CISSP)
- In addition to meeting the applicable Cyber Security workforce (CSWF) requirements for Computer Network Defenders (CND) Auditors (DoD 8570) or Vulnerability Assessment Analysts (SECNAV 5239.2), CSET members must obtain one or more of the following vendor certifications within 6 months of being hired:
- Offensive Security Certified Engineer (OSCE)
- Offensive Security Certified Professional (OSCP)
- GIAC Certified Exploit Researcher and Advanced Penetration Testers (GXPN)
- Offensive Security Certified Engineer (OSCE3)
- U.S. citizenship and active Top-Secret/SCI clearance required.
About Us: We are Command Post Technologies, Inc. (CPT). CPT is a Service-Disabled, Veteran-Owned Small Business (SDVOSB), providing engineering services in the areas of Cyber Security, Software Development, Test & Evaluation, and Strategic Planning. CPT employees appreciate working in a caring environment that promotes a healthy work-life balance. As individuals, we come together as a team, supporting a culture rooted in our core principles of integrity, determination, and innovation. In all CPT's collaboration efforts, our team prioritizes communication, accountability, and being resourceful to maximize efficiency and results.
What's In It for You
- Leadership training
- Career professional development
- Tuition reimbursement
- Flexible hours
- Work/Life balance
- Rewards and recognition
- Parental Leave
Command Post Technologies, Inc. (CPT) is a Service-Disabled Veteran-Owned Small Business (SDVOSB) founded in 2008 and headquartered in Suffolk, VA with personnel in various states including Virginia, Maryland, Florida, and Texas. With 2/3 of our staff being former military, CPT firmly believes in employing veterans. Command Post Technologies, Inc. is a unique provider of innovative solutions that enhance our corporate clients' productivity and empower our government clients with the ability to protect against all enemies: foreign and domestic. CPT adapts its successful military experiential approach to the needs of leaders in a global business environment and provides an elite leadership curriculum that results in a world-class, leadership-altering event.
Command Post Technologies Inc. (CPT) is an Equal Employment Opportunity and Affirmative Action employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sex, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law. We take Affirmative Action to ensure equal opportunities for employees and potential employees without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sex, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.
We abide by the Pay Transparency Nondiscrimination Provision and will refrain from discharging, or otherwise discriminating against employees or applicants who inquire about, discuss, or disclose their compensation or the compensation of other employees or applicants. An exception exists where the employee or applicant makes the disclosure based on information obtained while performing his or her essential job functions.