Weapons & Tactics (W&T) Operator

About The Position

Requirements

• Active TS/SCI clearance required.
• Bachelor Degree or possess, or be willing to obtain, one of the following certifications: CFR, Cloud+, CySA+, GCED, or PenTest+.
• Three (3) or more years’ experience in cyber security required.
• DoD 8570.01-M IAT Level III certification (current).
• Experience on the Cyberspace Vulnerability Assessment / Hunter (CVA/H) weapon system or similar cyber weapon system.
• Experience with toolsets such as Wireshark, the Elastic Stack, Arkime, Zeek, Metasploit, tcpdump, NMap, Nessus, Snort, EnCase, Forensic Toolkit, Windows Fundamentals, UNIX fundamentals, exploitation theory, privilege escalation, evidence removal.
• Have strong UNIX/Linux fundamentals along with familiarity of UNIX/Linux/Windows Command Line Interface (CLI), Bash and PowerShell.
• Proficient in writing, editing, executing scripts on Windows, Linux, UNIX systems.
• Experience with encrypted and unencrypted remote access technologies, such as RDP, SSH, VPN, Telnet, and FTP.
• General knowledge of cyber security frameworks, such as the Cyber Kill Chain, MITRE ATT&CK, and the NIST 800 series.
• General knowledge of physical computer components and architectures, including the functions of computer domains, directory services, various components and peripherals, basic programming concepts, assembly codes, TCP/IP, OSI models, underlying networking protocols (e.g., DNS, ARP, etc.), security hardware and software.
• Candidate must be self-motivated and able to perform with little to no supervision.

Nice To Haves

• Experience working in a Weapons and Tactics shop/office.
• Experience in the development of Tactics, Techniques, and Procedures (TTP).
• Experience in the development of training material.
• Knowledge of cyber forensic collection, preservation, and chain of custody.
• Experience with Endpoint Detection and Response (EDR) toolsets, such as Elastic Endpoint Security, CrowdStrike Falcon, and Trellix EDR.
• Experience with encryption, decryption, and hashing technologies such as DES, AES, RSA, PKI, SHA, and MD5.
• Knowledge of Red Team Tactics, Techniques, and Procedures (TTP).
• Knowledge of distributed systems, process control, advanced routing, wireless, cloud, telecom and datacom platforms.
• Experience programming in C, C++, C#, Ruby, Perl, Python, SQL.

Responsibilities

• Support Cyber Protection Team (CPT) squadrons in the execution of Defensive Cyber Operations (DCO) missions.
• Ensure sound mission planning practices are in place and work to refine the debrief process, capture of lessons learned, identification of training gaps, identification of capability gaps, etc.
• On occasion, may deploy in support of CPT operations as either a Cyber Security Network Analyst or Cyber Security Host Analyst.
• Support to the training and evaluation sections as needed to develop scenarios, present material, research new capabilities, evaluate team effectiveness, etc.
• Represent the W&T shop in meetings, conferences, etc.

Benefits

• EEO and Affirmative Action Policy
• Pay Transparency Policy