Cyber Threat Emulation Analyst (TS/SCI clearance)
Company: Red River Technology LLC
Location: San Antonio
Posted on: August 6, 2022
Job Description:
Position Summary:
Red River is seeking a Residency Services team
member to join our team based in San Antonio for our important DOD
customer. They will be supporting a mission with multiple other
Residents from Red River. Team Red River is seeking a Cyber Threat
Analyst for the 33rd Network Warfare Squadron (33 NWS) conducting
Air Force Defensive Cyberspace Operations. This contract provides
support 24 hours a day/seven days a week/365 days a year spanning
cyber defense, network operations and information
protection.

Primary Position Tasks:
The ability of the AFCERT to
complete its mission is dependent upon the ability to develop
methods to identify, contain, log and analyze security
vulnerabilities/holes on Air Force systems. The CTE&A analyst
contractor employees may be required to provide 24-hour coverage
(shift work) for seven (7) days a week, 365 days a year with zero
tolerance for error. Conduct both automated and manual enterprise
vulnerability assessments, including conducting regular patch &
configuration vulnerability assessments as directed by operational
flight leads. Conduct Cyber Threat Emulation operations, and
coordinate with security teams to strengthen the overall security
posture of the AFNet and AFIN various tools and capabilities. Test
for realtime security vulnerabilities, conduct assessments, and
assess vulnerability risk and impact. Continuously develop and
maintain safe and valid procedures to actively test Enterprise
defensive measures. Develop mitigations, policies, and procedures
to coordinate with internal teams. Work with incident response team
to better design response policies and procedures. Generate threat
intelligence indicators during the course of Cyber Threat Emulation
operations and provide reports back to ACD operators. Coordinate
with internal and external intelligence teams in order to replicate
threat actor (TA) Techniques, Tactics, and Procedures (TTPs).
Research and evaluate threats and vulnerabilities to assist in
prioritization of remediation actions. Utilize knowledge and
understanding of the Cyber Threat Framework (ODNI) and production
of Threat Emulation findings. Utilize the MITRE ATT&CK
framework to perform cyber security operations testing, and develop
improvements based upon real adversary behavior. Formulate, lead
and persuade individuals, large teams and communities on ideas,
concepts, and opportunities. Leverage research, frameworks, and best
practices on the latest exploits and security trends and currency
on industry trends and provide operational reports/assessments for
development of tactics, techniques, and procedures. Provide OJT to
other contractor employees, military, and/or civilian personnel,
and ensure continuity folders/working aids are updated at least
once per quarter in order to ensure efficient transition when
personnel rotate. Provide information to operational leadership's
tasking as required as it relates to CTE actions.

Contract support requires 100% IAT Level III CND compliance.

Minimum Education/Certification/Experience Requirements:
Five (5) years of
penetration testing experience. Demonstrated advanced knowledge of
cyber security operations with mastery of two or more of the
following: attack surface management, Security Operations Center
(SOC) operations, Intrusion Detection/Intrusion Prevention Systems
(IDS/IPS), Security Information and Event Management (SIEM) use,
threats (including Advanced Persistent Threat (APT), insider),
vulnerabilities, and exploits; incident response, investigations
and remediation. Experience with PowerShell, BASH or Python
scripting/programming language. Must have a strong understanding of
Linux Operating System. Extensive knowledge of MITRE ATT&CK
framework, and its uses within the cybersecurity community (e.g.,
Open Source projects).

Preferred Education/Certification/Experience:
College Education

Essential Elements (Mental; Physical; Equipment used):
This position is an
office position that requires remaining in a stationary position
for multiple hours throughout the workday. This position requires
the ability to continuously communicate with co-workers throughout
the day utilizing Red River approved and/or provided communication
tools and equipment.

Special Requirements:
This position will operate
from the location specified above. Some travel may be required, not
to exceed 25%.

Clearance Level: TS/SCI
Must be willing to work shift work.

Red River offers a competitive salary, excellent benefits and
an exceptional work environment. You can review our benefit
offerings here. If you are ready to join a growing company, please
submit your resume and cover letter (optional).

EOE M/F/DISABLED/Vet
Red River is an equal opportunity employer and
makes employment decisions without regard to race, color, religion,
sex, sexual orientation, gender identity, national origin,
disability, veteran status.

Red River does not accept unsolicited
resumes from individual recruiters or third party recruiting
agencies in response to job postings or otherwise. Placement fees
will not be paid to any recruiter unless Red River has an active
agreement in place with the recruiter and such a request has been
made by the Red River Talent Acquisition team and such candidate
was submitted to the Red River Talent Acquisition Team via our
Applicant Tracking System. Any unsolicited resumes or other data
submitted to Red River in violation of this policy may be used by
Red River without obligation to pay any fees of any kind to the
recruiter.
SDL2017
Keywords: Red River Technology LLC, San Antonio, Cyber Threat Emulation Analyst (TS/SCI clearance), Professions, San Antonio, Texas