The ideal candidate thinks outside of the box and puts himself in the shoes of an attacker / adversary. The candidate collaborates to identify access and security gaps that can be satisfied through cyber reconnaissance and/or preparation activities, leveraging all authorized resources and analytic techniques to penetrate targeted networks. Employers are seeking Information Security Penetration Testers / Red Team member candidates with the following skills.
Potential Responsibilities: The following is a list of skills that the ideal candidate will have experience in. Depending on the specific role within the team, the responsibilities may vary from the list below:
· Conduct and/or support authorized penetration testing on enterprise network assets.
· Perform penetration testing as required for new or updated applications.
· Apply and utilize authorized cyber capabilities to enable access to targeted networks.
· Apply cyber collection, environment preparation and engagement expertise to enable new exploitation and/or continued collection operations, or in support of customer requirements.
· Apply and obey applicable statutes, laws, regulations and policies.
· Perform analysis for target infrastructure exploitation activities.
· Collaborate with other internal and external partner organizations on target access and operational issues.
· Communicate new developments, breakthroughs, challenges and lessons learned to leadership, and internal and external customers.
· Conduct analysis of physical and logical digital technologies (e.g., wireless, SCADA, telecom) to identify potential avenues of access.
· Conduct independent in-depth target and technical analysis including target-specific information (e.g., cultural, organizational, political) that results in access.
· Create comprehensive exploitation strategies that identify exploitable technical or operational vulnerabilities.
· Examine intercept-related metadata and content with an understanding of targeting significance.
· Collaborate with developers, conveying target and technical knowledge in tool requirements submissions, to enhance tool development.
· Identify gaps in our understanding of target technology and develop innovative collection approaches.
· Identify, locate, and track targets via geospatial analysis techniques.
· Lead or enable exploitation operations in support of organization objectives and target requirements.
· Maintain awareness of advancements in hardware and software technologies (e.g., attend training or conferences, reading) and their potential implications.
· Monitor target networks to provide indications and warning of target communications changes or processing failures.
· Produce network reconstructions.
· Profile network or system administrators and their activities.
· Knowledge of computer networking concepts and protocols, and network security methodologies.
· Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
· Knowledge of cyber threats and vulnerabilities.
· Knowledge of specific operational impacts of cybersecurity lapses.
· Knowledge of concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless).
· Knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage).
· Knowledge of web mail collection, searching/analyzing techniques, tools, and cookies.
· Knowledge of collection management processes, capabilities, and limitations.
· Knowledge of front-end collection systems, including traffic collection, filtering, and selection.
· Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
· Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems.
· Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.).
· Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
· Knowledge of how Internet applications work (SMTP email, web-based email, chat clients, VOIP).
· Knowledge of Internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering).
· Knowledge of the basic structure, architecture, and design of modern communication networks.
· Knowledge of common networking devices and their configurations.
· Knowledge of security concepts in operating systems (e.g., Linux, Unix).
· Knowledge of evasion strategies and techniques.
· Knowledge of how hubs, switches, routers work together in the design of a network.
· Knowledge of how to collect, view, and identify essential information on targets of interest from metadata (e.g., email, http).
· Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
· Knowledge of network topology and scripting.
· Knowledge of strategies and tools for target research.
· Knowledge of target intelligence gathering and operational preparation techniques and life cycles.
· Knowledge of products and nomenclature of major vendors (e.g., security suites - Trend Micro, Symantec, McAfee, Outpost, and Panda) and how those products affect exploitation and reduce vulnerabilities.
· Knowledge of Unix/Linux and Windows operating systems structures and internals (e.g., process management, directory structure, installed applications).
· Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
· Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
· Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
· Ability to expand network access by conducting target analysis and collection to identify targets of interest.
· Ability to identify/describe target vulnerability and techniques/methods for conducting technical exploitation of the target.
- Completion of a Bachelor’s degree or equivalent program in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics (or equivalent work experience).
- 4+ years of experience in an IT function with 1+ year(s) of experience as a penetration tester or related role.
- Certifications preferred but not required.
- Ability to travel ~15%.
Positions are available in various satellite offices around the US. Location is up for discussion with the candidate.