Ampcus Inc
Red Team Operator (Jr. Engineer level)
Ampcus Inc, Reston, Virginia, United States, 22090
JOB DESCRIPTION
Job: Red Team Operator (Junior Engineer level)
Mode: Contract / 100% Remote (working EST)
Process: Remote Interview Protocol - 0.5 w/ manager followed by a team panel

Technology Awareness Levels:
(0) NO awareness of technology
(1) LITTLE awareness - read/heard of technology
(2) EXPOSURE to technology in environment
(3) SOME development in technology
(4) Very COMFORTABLE developing in technology
(5) EXPERTISE in technology, i.e. could teach a class

Technologies:
Outflank - Stage1
Cobalt Strike
Burp Suite Pro
Python
Azure Active Directory
Amazon Web Services
Project Discovery Nuclei
Electron Framework

In this role, you will:
Conduct Offensive Cyber Security Operations: Execute covert operations to assess the organization's security posture and readiness against cyber threats.
Perform Penetration Testing: Conduct comprehensive assessments of the Digital Exam Player, web applications, and other systems using both manual and automated testing techniques.
Engage in Purple Teaming: Facilitate collaborative exercises with internal Incident Response and Threat Hunt teams to enhance the organization's defensive capabilities.
Execute Multi-stage Attack Simulation: Coordinate with Red Team members to simulate attacks, including initial access, privilege escalation, lateral movement, and data exfiltration.
Create Threat Mimicry: Mimic adversary tactics, techniques, and procedures (TTPs) to assess defensive capabilities and identify weaknesses.
Conduct Security Control Evaluation: Evaluate the detection and response capabilities of security controls, such as SIEM, EDR, and network monitoring solutions.
Investigate C2 Techniques: Research and integrate new C2 techniques and tools to evade detection and enhance operational capabilities. Monitor and analyze C2 traffic for anomalies and indicators of compromise (IOCs).
Provide Technical Guidance: Provide technical expertise and guidance to the vulnerability management team on building custom scanning signatures and techniques. Also, guide threat hunters on adversary behaviors, attack techniques, and IOCs.
Contribute to Culture Building: Foster a culture of collaboration and continuous learning within all Cyber Operations teams.
Stay abreast of emerging threats and vulnerabilities affecting web applications or endpoints and incorporate them into assessment methodologies.

About you, you have:
A bachelor's in computer science or equivalent work experience
5 years in IT, with at least 1 year in offensive security
Experience in Red/Purple team exercises and penetration testing
Proficiency in C2 frameworks (e.g., Cobalt Strike)
Certifications like CEH, OSCP, GWAPT, Sec+, or GIAC preferred
Familiarity with open-source/commercial offensive security tools, and cloud-based attacker infrastructure deployment
Strong understanding of web application CWEs, OWASP Top 10, Threat Intelligence, and Threat Profiling
Experience with IDS/IPS, SIEM, network defense tools, DLP technologies, network security architecture, and enterprise anti-virus/malware solutions
Proficiency with Burp Suite and testing web applications and APIs
Familiarity/experience with the Electron framework preferred
Ability to maintain discretion and integrity at all times
Ability to work in the US without sponsorship