Basic Red Team Operator

About The Position

Requirements

• Certified Ethical Hacker (CEH) certification or equivalent/higher offensive cybersecurity certification
• Minimum of one (1) year of experience performing penetration testing, red teaming, and/or exploitation development
• Proficiency in at least two operating systems, including Windows, Linux, or Unix variants
• Proficiency with at least one offensive security tool, such as: Metasploit Cobalt Strike Core Impact
• Ability to operate independently to conduct penetration testing or red team activities under guidance from senior or intermediate operators
• Ability to independently generate red team reports and supporting documentation
• Analyze target operational architectures to identify access vectors
• Conduct network reconnaissance, scouting, and vulnerability analysis
• Perform on-net and off-net activities to control and exfiltrate data
• Conduct open-source intelligence (OSINT) collection
• Deploy and utilize exploitation tools (e.g., backdoors, sniffers)
• Exploit network, security, and endpoint devices using approved methods
• Facilitate access via physical or wireless means
• Identify network strengths, weaknesses, and vulnerabilities
• Translate customer requirements into operational actions
• Interpreting vulnerability scan results
• Extracting and analyzing packet capture data
• Using remote command-line and GUI tools
• Processing collected data for follow-on analysis
• Verifying file integrity
• Determining patch levels and identifying patch signatures
• Computer hardware components and architectures (CPU, NICs, storage)
• Auditing and logging procedures
• Programming fundamentals
• Malware concepts
• Network infrastructure devices (routers, switches, firewalls)
• Exploitation tool structures and techniques
• System administration concepts for Windows and Unix/Linux
• Network architectures, protocols, and services (TCP/IP, DNS, web, mail)
• Virtual machine technologies
• Collection management processes, capabilities, and limitations

Responsibilities

• Become proficient in OPTEVFOR Cyber Test & Evaluation CONOPS, SOPs, policies, and guidance
• Research and submit operational requirements for acquisition of cyber tools and equipment in accordance with the 01D tool approval process
• Support development and execution of tactics, techniques, and procedures (TTPs) for penetration testing and red team operations
• Participate in OPTEVFOR cyber test planning activities, including: Conducting open-source research and reviewing system-under-test (SUT) documentation to understand mission, architecture, interfaces, and critical components Identifying attack surfaces and potential threat vectors Participating in checkpoint meetings Supporting development of test objectives Reviewing test plans to ensure objectives are feasible and executable Participating in test planning site visits
• Support preparation for cyber OT&E execution, including: Participation in site pre-test coordination visits and delivery of test site in-briefs Reviewing approved test plans Adding relevant information and artifacts to the test library Conducting focused research on SUTs and presenting findings to the red team Preparing OPTEVFOR Red Team test assets and environments
• Execute assigned cyber test events, including Cooperative Vulnerability Penetration Assessments, Adversarial Assessments, and Cyber Tabletops, in support of Operational Testing, Developmental Testing, risk reduction events, and other assigned events
• Employ OPTEVFOR-provided and NAO-approved commercial and open-source cyber assessment tools, including but not limited to: Core Impact, Nmap, Burp Suite, Metasploit, Nessus
• Apply ethical hacking techniques to exploit discovered vulnerabilities and misconfigurations associated with: Operating systems (Windows, Linux, Unix) Network protocols and services (HTTP, FTP, DNS, PKI, HTTPS)
• Execute assigned tasks independently with oversight from intermediate or advanced operators
• Ensure all testing is conducted safely, in accordance with approved test plans and OPTEVFOR policies
• Adhere to JFHQ-DoDIN deconfliction procedures
• Verify accuracy and completeness of collected test data
• Participate in the post-test iterative process, including development of deficiency and risk documentation
• Document lessons learned and contribute to continuous improvement of red team operations
• Participate in capture-the-flag events, cyber off-sites, red team huddles, and technical exchange meetings; develop required products and materials to support these activities
• Attend OPTEVFOR-required meetings in support of OT&E activities