Red Cell Cyber Analyst

Amentum•Fort Belvoir, VA

About The Position

The Red Cell Cyber Analyst is responsible for providing direct strategic and tactical analytic cyber support to the DoW Red Cell. The Red Cell Cyber Analyst drives cyber operations by selecting cyber targets, identifying gaps in cyber architecture, and developing cyber emulative courses of action pertaining to specific vulnerability assessments. The Red Cell Cyber Analyst is responsible for providing advice to tactical partner elements and Red Cell personnel in planning adversarial cyber warfare courses of action. The Red Cell Cyber Analyst is responsible for providing advisory support concerning network and infrastructure analysis to enable adversarial cyber and/or electronic warfare operations in support of DoW Red Cell operations. The Red Cell Cyber Analyst will be expected to travel in direct support of vulnerability assessments. The Red Cell Cyber Analyst acts as subject matter expert on a variety of complex topics related to cyber threats. Specifically, the Red Cell Cyber Analyst is responsible for researching and identifying positions, access points, relationships, organizations, and other potential vulnerabilities in support of DoW Red Cell operations. They are expected to use advanced analytic skills/ tools and maintain knowledge of industry best practices related to cyber red teaming. They report directly to the Red Cell Cyber Analysis Lead.

Requirements

Four-year BS/BA degree with two years applicable experience as a cyber analyst; or associate’s degree with four years applicable experience as a cyber analyst; or eight years of applicable experience as a cyber analyst.
Proficient in understanding, analyzing and summarizing comprehensive and complex technical, contractual, and research information/data.
Ability to write about complex topics in a way that will effectively capture and transmit the message to non-cyber personnel.
Ability to communicate complex informational concepts or ideas in a confident and well-organized manner through verbal, written, and visual means.
Ability to accurately and completely source all data used in products.
Ability to develop or recommend analytic approaches to problems for which information is incomplete or for which no precedent exists.
Ability to think like and emulate actions of threat actors.
Possess a current driver's license.
Capable of operating a rental vehicle.
Active TS/SCI clearance required.
U S citizenship required.
Travel is up to 20%

Nice To Haves

Understand and be well versed in common cyber threat terminology, vulnerability and penetration test principles and methodologies; possess basic knowledge of cyber incident and response forensics and related current events.
Familiarity with Log Analysis, Packet Analysis OSI Model, Network Architectures, NIST, DIA-CAP, RMF, and Information Operations, threat intelligence activities including the collection of and tracking threat actors, digital forensics incident response; and threat hunting methodologies.
Experience performing attack analysis or Red Cell penetration testing against operational computer networks including experience in Windows Security, Network Security, Linux/Unix Security, Database security, or Mainframe Security.
Knowledge of common computer/network infections (virus, trojan, etc.) and methods of infection (ports, attachments, etc.).
Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.)

Responsibilities

Characterize the adversary’s cyber capabilities.
Research the structure, ideology, intentions, tactics, and capabilities of adversarial cyber organizations to develop threat characterization using a combination of both classified and unclassified sources.
Contribute constructively to cyber threat emulation.
Identify information requirements, develop assessment cyber strategies, assist building Red Cell collection plans, identify information sources, and develop and conduct research of publicly available information (PAI) in order to determine adversary cyber courses of action and relevant priority information requirements (PIRs).
Identify, map, and plan potential exploitation of key telecommunication networks.
Analyze and characterize cyber systems and conduct analysis appropriate to the program.
Identify essential functions, tasks, and critical assets necessary to perform analysis as determined by the program leader.
Develop courses of action that a cyber adversary might employ against customer personnel, equipment, facilities, networks, information and information systems, infrastructure, and supply chains.
Facilitate timely information management flow from DoW Red Cell partner elements and other entities supporting DoW Red Cell operations.
Support field assessments from a cyber adversary perspective.
Synthesize findings to support vulnerability identification, course of action development, protection studies, trend analyses, risk analysis, and mitigation strategies.
Develop a comprehensive understanding of the implications of cyber vulnerabilities discovered and fuse those findings with the systems analysis to determine impacts to the national and military missions they support.
Prepare activity reports including out briefs, senior leader briefs, interim progress reports (IPRs), white papers, after action reviews, final reports, risk analysis products, and other documents necessary to convey assessment findings to customers, partners, and other stakeholders.
Be able to explain network/system mechanisms to non-cyber personnel in order to facilitate better analysis and operations.
Should have a diverse understanding of network and information security operations, network exploitation, and telecommunications.