We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results

Offensive Cyber Security Engineer

Arcfield
United States, South Carolina, Charleston
Nov 12, 2024
Overview

Arcfield was purpose-built to protect the nation and its allies through innovations in digital transformation, space mission engineering and launch assurance, miniaturized sensors and satellites, advanced modeling and simulation, cybersecurity, and conventional and hypersonic missile support. Headquartered in Chantilly, VA with 16 global offices, Arcfield employs more than 1,500 engineers, analysts, IT specialists, and other professionals with more than 60 years of collective proven experience supporting missions in cyber and space defense, space exploration, hypersonic and nuclear deterrence and warfighter readiness. Visit arcfield.com for more details.


Responsibilities

Position Summary:

Offensive Cyber Security Engineer is responsible for providing support for cybersecurity assessment and accreditation activities for the Navy's National Warfare Red Team (NWRT). The engineer will be responsible for conducting simulated attacks, assessing security measures, and working closely with security teams to remediate identified issues. The ideal candidate is a problem-solver with strong technical skills, a deep understanding of cybersecurity principles, and a passion for ethical hacking. The Offensive Cyber Computer Engineer will support the National Warfare Red Team (NWRT) in conducting Red Team operations, managing infrastructure, and developing custom cybersecurity tools to support red team operations.

Key Responsibilities:

  1. Red Team Assessment Operations Support:
    • Support security assessment efforts for the NWRT, utilizing expertise in all DoD Cyber Red Team capabilities such as Remote and Local Cyber Operations, User-Driven Attacks, Long Term Persistence Missions, Active/Passive Wireless Assessments, and Close Access Enabling Cyber (CAEC) activities.
    • Execute Operational Vulnerability Assessments (OVA), Acquisition Penetration Assessments (APA), and Cyber Opposing Force (OPFOR) Aggressors Exercises following the United States Cyber Command Standing Ground Rules (SGR).
    • Conduct adversarial cybersecurity Developmental and Operational Test and Evaluation (DOT&E) events, penetration tests, and support NWRT assessment methodologies.
    • Develop and maintain Tactics, Techniques, and Procedures (TTPs) for network penetration, data exfiltration, CAEC, phishing campaigns, and malware development.
  1. Red Team Certification and Accreditation Support:
    • Support the maintenance and updating of the Red Team's DoD Cyber Red Team accreditation, including developing and tailoring documentation packages such as CONOPS, System Security Plans (SSPs), Standard Operating Procedures (SOPs), and report templates.
    • Conduct self-assessments against Red Team evaluation scoring metrics (ESMs) and governing policies to ensure compliance and readiness for accreditation evaluations.
    • Build and maintain curriculum, courseware, laboratory environments, and study aids to support DoD Red Team certification, accreditation, and self-assessment activities.
  1. Infrastructure Support:
    • Develop, monitor, and maintain the NWRT's infrastructure for assessment operations and administration, including cloud computing environments and Gold Disk images for various operating systems.
    • Support the implementation of the Risk Management Framework (RMF) process for systems or hosting environments, ensuring compliance with DoD and Navy cybersecurity policies and guidelines.
  1. Cybersecurity Tool Development:
    • Support software development activities to create and maintain cybersecurity tools and infrastructure components that enable NWRT operations, from offensive operations to administrative tasks.
    • Ensure tools are interoperable with developed management systems and provide user guides and training for new tools.

Qualifications

Required:

  • Bachelor's degree in Computer, Electrical or Electronics Engineering or Mathematics with field of concentration in computer science.
  • 3 years' experience in Cyber Security with MS or BS
  • 1 years' experience specializing in Red Team Operations
  • DoD IAT II certification (i.e. Security+ CE, CASP, CISSP, etc.)
  • Individual shall have relevant professional certifications or be willing to achieve (within 1 year) one of the following:
    • Offensive Security Certified Professional (OSCP)
    • Offensive Security Certified Expert (OSCE) or
    • Offensive Security Exploitation Expert (OSEE)
    • Offensive Security Exploit Developer (OSED)
    • Offensive Security Experienced Pentester (OSEP)
    • Offensive Security Wireless Professional (OSWP)
    • Offensive Security Web Expert (OSWE)
    • Hack The Box Certified Penetration Testing Specialist (HTB CPTS)
    • Hack The Box Certified Bug Bounty Hunter (HTB CBBH)
    • Certified Red Team Operator (CRTO) from Zero Point Security
    • Certified Red Team Lead (CRTL) from Zero Point Security
    • Practical Network Penetration Tester (PNPT)
    • GIAC Red Team Professional (GRTP)
    • GIAC Experienced Penetration Tester (GX-PT)
    • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • Must POSSESS and be able to maintain a TS/SCI clearance

Preferred Qualifications:

  • Master's degree in Computer, Electrical or Electronics Engineering or Mathematics with field of concentration in computer science.
  • Experience working with a NSA accredited DoD Red Team.

EEO Statement

EEO

Arcfield proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active-Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

Applied = 0

(web-5584d87848-99x5x)