Intermediate Red Team Operator

About The Position

Requirements

• The Intermediate Access Network Operator must meet all qualification requirements of a Basic Access Network Operator in addition to the following:
• Offensive Security Certified Professional (OSCP) or equivalent offensive cybersecurity certification
• Minimum of three (3) years of experience performing penetration testing, red teaming, and/or exploitation development
• Proficiency with multiple offensive cyber tools, including: Metasploit Cobalt Strike Core Impact Burp Suite Nessus SharpHound
• Demonstrated ability to detect malicious program activity using dynamic analysis techniques
• Ability to independently plan and execute penetration testing and red team activities to accomplish assigned test objectives

Responsibilities

• Become proficient in OPTEVFOR Cyber T&E CONOPS, SOPs, policies, and guidance
• Maintain and contribute to the development of 01D SOPs and technical documentation supporting DCAT authorization in accordance with DoDI 8585.01
• Research, review, prioritize, and submit operational requirements for acquisition of cyber tools and capabilities in accordance with the 01D tool approval process
• Support development and execution of tactics, techniques, and procedures (TTPs) for penetration testing and red team operations
• Research adversary cyber actors’ TTPs, organizational structures, capabilities, personas, and operating environments and integrate findings into cyber survivability test planning and execution
• Participate in OPTEVFOR cyber test planning activities, including: Conducting open-source research and reviewing system-under-test (SUT) documentation to understand mission, architecture, interfaces, and critical components Identifying attack surfaces and threat vectors Participating in cyber test planning meetings Guiding development of cyber test objectives Reviewing test plans to ensure objectives are feasible and executable Participating in test planning site visits
• Support preparation activities for cyber OT&E events, including: Participation in site pre-test coordination visits and delivery of test site in-briefs Reviewing approved test plans Adding relevant artifacts and research to the test library Conducting in-depth SUT research and presenting findings to the red team Preparing OPTEVFOR Red Team (OPTEV-RT) test assets
• Execute assigned cyber test events, including Cooperative Vulnerability Penetration Assessments, Adversarial Assessments, and Cyber Tabletop exercises, in support of Operational Testing, Developmental Testing, risk reduction efforts, and other assigned events
• Employ OPTEVFOR-provided and NAO-approved commercial and open-source cyber assessment tools, including: Core Impact, Nmap, Burp Suite, Metasploit, Nessus
• Apply ethical hacking techniques to exploit discovered vulnerabilities and misconfigurations across: Operating systems (Windows, Linux, Unix) Network protocols and services (HTTP, FTP, DNS, PKI, HTTPS)
• Execute testing activities independently and provide technical guidance and oversight to Basic-level operators
• Ensure all testing is conducted safely, in accordance with approved test plans and OPTEVFOR policies
• Adhere to JFHQ-DoDIN deconfliction procedures
• Verify accuracy and completeness of collected test data
• Participate in the post-test iterative process, including development of deficiency and risk documentation
• Document test execution lessons learned and support continuous improvement initiatives
• Generate and update documentation required to maintain DCAT authorization in accordance with DoDI 8585.01
• Participate in capture-the-flag events, cyber off-sites, red team huddles, and technical exchange meetings; develop supporting products and materials
• Attend OPTEVFOR-required meetings in support of OT&E activities