Listing Description
Cybersecurity Red Team Operator
Requisition #267818
Location: Richmond, VA; San Francisco, CA; All FRS Locations; Remote Employment Eligible
The Richmond Fed is the proud home of the Federal Reserve’s National IT organization—a nationwide team delivering technology solutions and support across the Federal Reserve System. Many National IT employees are located in Richmond, while others are based across the U.S. at other Federal locations.
When you join our team, you’ll become part of a culture that welcomes differences, cares about our communities, and empowers each other to lead from where we are to make things better.
Bring your passion and we’ll provide challenging and purposeful careers in a variety of fields, opportunities to grow and a wide range of benefits and perks that support your health and wealth. It’s all part of what makes #MyRichmondFed a great place to work!
About the Opportunity
The Federal Reserve System (FRS) National Incident Response Team (NIRT) is a national service provider that delivers effective and efficient national intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for the FRS. NIRT’s mission is to play a leading role in the FRS’ efforts to protect its information systems against unauthorized use.
NIRT’s has an immediate opening for a Cybersecurity Red Team Operator to join their Red Team and participate in a variety of engagements and projects that will target and holistically evaluate the security posture of people, processes, and technology within the FRS.
What You Will Do
- Collaborate in on-net operations during threat emulation assessments
- Provide offensive security domain expertise in purple team exercises
- Keep up to date with current and emerging exploits, TTPs, and offensive security tooling
- Continuously grow your tradecraft and improve team capabilities
- Brief executive stakeholders on enterprise risks identified through Red Team activities
Qualifications
-
Bachelor’s Degree or higher in computer science or related field
-
5+ years of prior experience performing offensive security operations including red teaming, and penetration testing; or an equivalent combination of education and work experience
-
The following certifications are highly preferred: GPEN, GXPEN, OSCP
-
Recent experience in:
-
All phases of red team operations including recon, social engineering, exploitation, lateral movement and exfiltration
-
Performing security assessments in cloud environments
-
Advanced social engineering including pretext development, payload weaponization and delivery techniques
-
Understanding of defensive controls and how to bypass them
-
Using and customizing commercial and open source security assessment tools including Cobalt Strike and Bloodhound
-
Modifying and using payloads to avoid common detections
-
Handling and managing implants and footholds during Red Team operations
-
Deploying, configuring and managing infrastructure to support offensive operations
-
-
Familiarity with:
-
Computer network, application, database, and web exploitation principles
-
Active Directory and enterprise network exploitation
-
OPSEC techniques including network traffic, post-exploitation activities and payloads to blend in to target environments
-
-
Experience with scripting/programming using one or more of the following: Python, PowerShell or C# with the ability to create or customize tools as needed
-
Experience with open security testing standards and projects, including OWASP & ATT&CK
-
Ability to able to obtain and maintain a National Security Clearance. Ability to obtain a clearance requires US Citizenship.
Discover the Reason Why So Many People Love It Here!
When you join Federal Reserve’s National IT organization, not only will you find a challenging and purposeful career, you’ll also have access to a wide range of benefits and perks that support your health and wealth, including:
-
Great medical benefits
-
Pension and 401(k) with employer match
-
Paid time off
-
Tuition reimbursement
-
Employee resource networks
-
Paid volunteer leave
-
Flexible work options
-
Onsite amenities that make working here fun
Other Requirements and Considerations:
-
Candidates should review the Bank’s Employee Code of Conduct to ensure compliance with conflict of interest rules and personal investment restrictions. The Code is available on the About Us, Careers webpage at www.richmondfed.org.
-
Sponsorship is not available for this role. Selected candidate is subject to special background check procedures including criminal check, credit check, and drug screen.
- By federal law, the candidate hired for this position must able to obtain and maintain a National Security Clearance. Ability to obtain a clearance requires US Citizenship.
- The Richmond, VA salary range for the Cybersecurity Red Team Operator (Senior Cyber Security Analyst) is $93,000 - $116,200 annually.
- Salary offered will be based on the job responsibilities and the individual’s knowledge, skills, and experience as defined in the job qualifications/experience. For candidates located outside of Richmond, VA, the salary range may be adjusted for your geographic location.
- Applications or this role will be reviewed on a rolling basis.
The Federal Reserve Bank of Richmond provides equal opportunity to all individuals without regard to race, sex, color, religion, gender identity or expression, sexual orientation, national origin, age, disability, or genetic information.
Listing Details
- Salary: $95000 - $125000
- Citizenship: Us Citizen
- Incentives: Bonus
- Education: Bachelors Degree
- Travel: Travel 25
- Telework: Full Telecommute