Red Team Exploitation Analyst

Red Team Exploitation Analyst
Per Federal Contract US Citizenship is required
Must be able to obtain public trust
100% Remote

Responsibilities:

• Provide Red Team support, including personnel management, liaison with VA leadership, and timely feedback and recommendations.
• Monitor assessment progress, conduct quality control reviews of tester methodology, and oversee the production of formal work products by a dedicated technical writer.
• Coordinate with the Government to determine specific Operational Objectives for assigned Red Team operations.
• Provide weekly progress reports during active Red Team operations, including successes, challenges, and a look forward to planned tasks.
• Deliver a Post Operations Report within ten business days after operation completion, mapping findings to NIST 800-53 controls.

Support Activities:

• Update and maintain VA Red Teaming program, documenting processes, methodologies, and scripts following NIST guidelines.
• Perform Blue, Red, and Purple team exercises and present operation test plans for Government review.
• Conduct covert security assessments, penetration testing, and Red Team activities against VA targets.
• Utilize open-source information for asset enumeration, conduct targeted phishing campaigns, and attempt to evade boundary controls.
• Develop Red Team methodologies, goals, and detailed attack paths. Communicate findings to stakeholders in comprehensive reports.
• Develop and enhance scripts, tools, and methodologies for VA's red teaming processes.
• Perform physical intrusion testing, verify remediation tasks, and utilize industry-standard security tools for manual and automated scans.
• Provide internal training sessions periodically and collaborate with other EAS teams to enhance assessment efforts.
• Administer existing and future infrastructure, including system maintenance and management.
• Assist with deep dive analysis on active penetration tests, including potential 0-day vulnerability exploitation.

Skills and Tools:

• Proficiency in Windows and Linux operating systems.
• Experience with VMWare, Kali Linux Suite, RedHat Enterprise Linux, Nessus Scanner, NMAP, Cobalt Strike, Cain and Abel, Wireshark, Burp Suite.
• Programming skills in Powershell, C++, Visual Basic, web languages (PHP, Python, JavaScript, Java, Ruby, PERL, ASP, .NET, HTML, CSS).
• Familiarity with Database Management Systems (SQL, Oracle, Mongo, MySQL) and WiFi penetration tools (Aircrack-ng, AirSnort, Kismet, Netstumbler).

Qualifications:

• 3-5 years of experience in Red Team operations.
• Strong understanding of adversarial Tactics, Techniques, and Procedures (TTP's) following NIST guidelines.
• Excellent communication skills for both technical and executive audiences.
• Ability to collaborate with diverse teams and provide effective training.

Ref: #850-Rockville (ALTA IT)

#LI-GW1