Weapons & Tactics (W&T) Operator

About The Position

Requirements

• Active TS/SCI clearance required.
• Bachelor Degree or p ossess , or be willing to obtain , one of the following certifications : CFR , Cloud+, CySA +, GCED, or PenTest +.
• T hree ( 3 ) or more years’ experience in cyber security
• DoD 8570.01-M IAT Level III certification (current)
• Experience on the Cyberspace Vulnerability Assessment / Hunter (CVA/H) weapon system or similar cyber weapon system
• Experience with toolsets such as Wireshark, the Elastic Stack , Arkime , Zeek, Metasploit, tcpdump , NMap , Nessus, Snort, EnCase, Forensic Toolkit, Windows Fundamentals, UNIX fundamentals, exploitation theory, privilege escalation, evidence removal
• Have strong UNIX/Linux fundamentals along with familiarity of UNIX/Linux/Windows Command Line Interface (CLI) , Bash and PowerShell
• Proficient in writing, editing, executing scripts on Windows, Linux, UNIX systems
• Experience with encrypted and unencrypted remote access technologies, such as RDP, SSH, VPN, Telnet, and FTP
• General knowledge of cyber security frameworks, such as the Cyber Kill Chain, MITRE ATT&CK, and the NIST 800 series
• General knowledge of physical computer components and architectures, including the functions of computer domains, directory services, various components and peripherals, basic programming concepts, assembly codes, TCP/IP, OSI models, underlying networking protocols (e.g., DNS, ARP, etc.), security hardware and software
• Candidate must be self-motivated and able to perform with little to no supervision
• Must successfully complete, and maintain , mission qualification requirements

Nice To Haves

• Experience working in a Weapons and Tactics shop/office
• Experience in the development of Tactics, Techniques, and Procedures (TTP)
• Experience in the development of training material
• Knowledge of cyber forensic collection, preservation, and chain of custody
• Experience with Endpoint Detection and Response (EDR) toolsets, such as Elastic Endpoint Security, Crowd S trike Falcon, and Trellix EDR
• Experience with encryption, decryption, and hashing technologies such as DES, AES, RSA, PKI, SHA, and MD5
• Knowledge of Red Team Tactics, Techniques, and Procedures (TTP)
• Knowledge of distributed systems, process control, advanced routing, wireless, cloud, telecom and datacom platforms
• Experience programming in C, C++, C#, Ruby, Perl, Python, SQL

Responsibilities

• Support Cyber Protection Team (CPT) squadrons in the execution of Defensive Cyber Operations (DCO) missions.
• Ensure sound mission planning practices are in place and work to refine the debrief process, capture of lessons learned, identification of training gaps, identification of capability gaps, etc.
• On occasion, may deploy in support of CPT operations as either a Cyber Security Network Analyst or Cyber Security Host Analyst.
• Support to the training and evaluation sections as needed to develop scenarios, present material, research new capabilities, evaluate team effectiveness, etc.
• Represent the W&T shop in meetings, conferences, etc.