207 Business Park Dr., Ste. 100
VA Beach, VA 23462
Cyber Threat Emulation Support (CTE)
Employee Type: Full-Time
Location: Suffolk, VA
Job Type: IT Specialist
Experience: 2+ Years
Clearance: Top Secret / SCI Eligible
AERMOR LLC is seeking qualified candidates to provide technical and analytical support for FCC OCA in support of all OCA inspections. Candidates shall perform a wide variety of technical support services and functions required to meet the mission of FCC OCA to enhance overall DoDIN-N readiness and security.
- Support during CCORIs will include areas such as information technology (IT), Platform IT (PIT), Supervisory Control and Data Acquisition (SCADA), Weapon Systems, Hull, Mechanical and Electrical (HM&E), Combat & Integrated Warfare Systems (C/S), and other additional technology areas as directed by JFHQ-DODIN under the CCORI program.
- Utilize a variety of techniques and tools, such as surveillance, close-access operations, and penetration testing, to discover cybersecurity flaws and vulnerabilities, and provide the following:
- Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
- Recognize and safely utilize attacker tools, tactics, and procedures
- Develop scripts, tools, or methodologies to enhance cyber threat emulation processes
- Assist with scoping and supporting inspections, from kickoff through remediation, and mentoring less experienced staff
- Utilize expert skills in evaluating IT security environments and firewall technologies, conducting on-site or remote vulnerability scans, specific technology area technical and manual reviews, and recognizing vulnerabilities and intrusions.
- Provide hands-on expertise on-site and remotely, using manual and automated processes.
- Utilize knowledge of cyber threat emulation and penetration testing principles, tools, and techniques. Relevant experience must be in computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, cyber threat emulation, penetration testing, computer forensics, information assurance, and/or systems engineering.
- Through assessments and inspections, the contractor shall evaluate systems and Defensive Cyberspace Operations (DCO) effectiveness using CTE tactics and performance-based testing and methodologies.
- Conduct remote and on-site CTE operations to assess an organization’s cybersecurity posture and defensive cyberspace operational effectiveness against an opposing force and maintain related artifact documentation.
- Assist in developing the CTE Attack Plan, Assessment Plan, and Rules of Engagement, and in documenting CTE metrics and processes and the tools used to emulate adversary behavior tailored to intelligence and threat information associated with an inspected organization's mission or other indicators.
- Collect, analyze, record, and report appropriate scenario information and corresponding Defensive Cyberspace Operations (DCO) data.
- Develop and evolve CTE scenarios, capabilities, and Tactics, Techniques, and Procedures (TTPs) based on known threats to the DoDIN, new technologies, previous inspection analysis, and lessons learned.
- Conduct post-inspection sanitization, analysis, and reporting.
- Develop and maintain threat assessment SOPs, checklists, and guides associated with CTE in cybersecurity inspections/assessments.
- Ensure daily reporting, status updates, and support to on-site hotwashes are provided as directed by the government.
- Experience in exploitation and vulnerabilities associated with most common operating systems (Windows, Linux, etc.), protocols (HTTP, FTP, etc.), and network security services (PKI, HTTPS, etc.)
- Manage the multi-domain/multi-forest Active Directory to support CTE operations.
- Simulate sophisticated cyberattacks to identify vulnerabilities.
- Assess Cybersecurity Service Provider (CSSP) capabilities to identify, protect, and defend against simulated adversary TTPs through Measures of Performance (MOP) and Measures of Effectiveness (MOE) assessment in conjunction with cybersecurity inspections/assessments.
- Ensure inspection data is captured, collected, and archived in Government data repositories. Provide post-inspection CTE reports, CTE storyboarding, analysis and trending, and lessons learned.
Required Skills and Experience:
- Minimum of two (2+) years’ experience in DoD Network Operations or IA operations to include Local Area Network (LAN) administrator experience. The position will primarily require the candidate to work with a team of penetration testers, helping to conduct varied testing efforts against applications and networks both for the federal government.
- Integrate into ongoing testing efforts, requiring subject matter expertise in multiple disciplines of vulnerability testing and assessment, the ability to interact and liaise directly with clients, and a strong ability to write and document findings.
- DoD 8570.01-M IAT Level II Certification OR CSSP Auditor OR CSSP Analyst
- Education: Minimum of Associate’s degree in a related field, or equivalent education or experience and related training
For more information contact: firstname.lastname@example.org