Exploitation Analyst

About The Position

Requirements

• Eligibility for Top Secret / Sensitive Compartmented Information (TS/SCI).
• Bachelor’s degree in Computer Science, Cybersecurity, or a related technical discipline
• OR a minimum of five (5) years of experience supporting DoD defensive or offensive cyberspace operations planning or exploitation analysis
• Demonstrated proficiency decomposing complex computer systems and network architectures in support of exploitation analysis
• Proficiency with Microsoft Office applications, including Visio, Project, Excel, and PowerPoint
• Proven ability to apply quality assurance and quality control (QA/QC) processes to analytical products prior to Government delivery
• Excellent written and verbal communication skills, including experience briefing senior leadership (O-6 / GS-15 or above)
• Computer system architectures and physical components (CPUs, NICs, storage, peripherals)
• Network addressing, routing, and protocols (IP, CIDR, TCP/UDP, SMTP)
• Common networking devices and configurations (routers, switches, hubs)
• Operating systems concepts (Linux, Unix)
• Communications media and technologies (wired, wireless, satellite)
• Cyber attack methods and techniques (e.g., DDoS, spoofing, brute force)
• Malicious activity lifecycle concepts (footprinting, scanning, enumeration)
• Internet and routing protocols and application behaviors
• Develop comprehensive exploitation strategies identifying technical and operational vulnerabilities
• Identify, describe, and assess system and network vulnerabilities
• Analyze complex systems to determine exploitable attack surfaces
• Collaborate effectively across Government, contractor, and red team stakeholders
• Communicate complex technical information clearly through written, verbal, and visual means
• Apply QA/QC rigor to analytical products supporting senior-level decision making

Responsibilities

• Headquarters (HQ) Support
• Serve as an OPTEVFOR 01D Exploitation Analyst supporting cyber survivability policy and process oversight for warfare divisions
• Become proficient in and adhere to OPTEVFOR cyber OT&E CONOPS, SOPs, policies, and guidance
• Support sustainment, updates, and instruction of the OPTEVFOR Cyber Survivability Test Planning Course
• Attend OPTEVFOR-required meetings in support of OT&E activities
• Identify and communicate risks, issues, and challenges to the 01D Future Operations Officer in a timely manner
• Participate in development and maintenance of 01D SOPs and OPTEVFOR cyber test planning documentation, including participation in the Configuration Control Board (CCB) process
• Pre-Test Planning
• Support development of overall cyber OT&E strategy and test scope for acquisition programs
• Review and assess Test and Evaluation Master Plans (TEMP), Integrated Evaluation Frameworks (IEF), test plans, and related planning documents to ensure compliance with OPTEVFOR policy and adequacy of cyber test strategies
• Adjudicate stakeholder comments related to cyber OT&E planning documentation
• Support program-specific and non-program-specific T&E Integrated Product Teams (IPTs), cyber tabletop exercises, technical exchange meetings, and other planning events as assigned
• Test Planning
• Develop cyber survivability test plans in accordance with OPTEVFOR Cyber OT&E procedures and approved templates
• Coordinate with warfare divisions and red team operators to ensure:
• Test objectives are comprehensive and executable
• Data collection requirements are clearly defined
• Cyber capabilities are identified, resourced, and integrated prior to test plan approval
• Participate in test planning visits and site surveys supporting cyber OT&E events
• Test Execution
• Lead preparation for test execution, including:
• Participation in site pre-test coordination visits and delivery of site in-briefs
• Conduct of Pre-Execution Briefs to OPTEVFOR 01D leadership
• Preparation and delivery of required data libraries to test sites
• Verification that all deconfliction requirements are met in accordance with JFHQ-DoDIN and Navy Cyber Defense Operations Command guidance
• Lead execution of assigned cyber OT&E events, including cooperative vulnerability penetration assessments and adversarial assessments
• Coordinate execution with OTDs, site personnel, program office SMEs, and supporting red teams
• Ensure tests are conducted safely and in compliance with OPTEVFOR and DoD policies
• Follow all JFHQ-DoDIN deconfliction procedures
• Verify accuracy and completeness of collected data
• Conduct daily hotwashes and submit daily summary reports to the OTD and OPTEVFOR 01D leadership
• Ensure all test objectives are fully executed and documented
• Post-Test Activities
• Support post-test processes to ensure traceability between test objectives, collected data, and deliverables
• Coordinate with the OTD to schedule post-test meetings
• Participate in post-test forums, including:
• Data uploads and scoring boards
• OPTEVFOR 01D Review Board
• Critical Operational Issue (COI) Evaluation Working Group (CEWG)
• System Evaluation Review Board (SERB)
• Executive SERB (E-SERB)
• Lead development of final test report products, ensuring technical accuracy and compliance with OPTEVFOR Cyber OT&E procedures and templates, including:
• Drafting Data Analysis Summaries and Results Enclosures
• Reviewing Blue/Gold Sheets prepared by red team operators