Senior Red Team Operator - Federal Reserve Bank of Richmond Richmond, VA, USA Bookmark Share Print 1330 0 8

Listing Description

About the Opportunity

The National Incident Response Team (NIRT), a national service provider for the Federal Reserve System (FRS), delivers effective and efficient national intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for the FRS. NIRT’s mission is to play a leading role in the FRS’ efforts to protect its information systems against unauthorized use.

NIRT’s Red Team has an immediate opening for a Senior Red Team Operator (Senior Cyber Security Analyst or Senior Cyber Security Advisor) to participate in a variety of engagements and projects that will target and holistically evaluate the security posture of people, processes, and technology within the FRS.

What You Will Do

• Collaborate in on-net operations during threat emulation assessments

• Provide offensive security domain expertise in purple team exercises

• Keep up to date with current and emerging exploits, TTPs, and offensive security tooling

• Continuously grow your tradecraft and improve team capabilities

• Brief executive stakeholders on enterprise risks identified through Red Team activities

Qualifications

• Bachelor’s Degree or higher in computer science or related field

• 5+ years of prior experience performing offensive security operations including red teaming, and penetration testing; or an equivalent combination of education and work experience

• The following certifications are highly preferred: GPEN, GXPEN, OSCP

• Recent experience in:

o All phases of red team operations including recon, social engineering, exploitation, lateral movement and exfiltration

o Performing security assessments in cloud environments

o Advanced social engineering including pretext development, payload weaponization and delivery techniques

o Understanding of defensive controls and how to bypass them

o Using and customizing commercial and open source security assessment tools including Cobalt Strike and Bloodhound

o Modifying and using payloads to avoid common detections

o Handling and managing implants and footholds during Red Team operations

o Deploying, configuring and managing infrastructure to support offensive operations

• Familiarity with:

o Computer network, application, database, and web exploitation principles

o Active Directory and enterprise network exploitation

o OPSEC techniques including network traffic, post-exploitation activities and payloads to blend in to target environments

• Experience with scripting/programming using one or more of the following: Python, PowerShell or C# with the ability to create or customize tools as needed

• Experience with open security testing standards and projects, including OWASP & ATT&CK

• Ability to able to obtain and maintain a National Security Clearance. Ability to obtain a clearance requires US Citizenship.

Discover the Reason Why So Many People Love It Here!

When you join Federal Reserve’s National IT organization, not only will you find a challenging and purposeful career, you’ll also have access to a wide range of benefits and perks that support your health and wealth, including:

• Great medical benefits

• Pension and 401(k) with employer match

• Paid time off

• Tuition reimbursement

• Employee resource networks

• Paid volunteer leave

• Flexible work options

• Onsite amenities that make working here fun

Other Requirements and Considerations:

• Candidates should review the Bank’s Employee Code of Conduct to ensure compliance with conflict of interest rules and personal investment restrictions. The Code is available on the About Us, Careers webpage at www.richmondfed.org.

• Sponsorship is not available for this role. Selected candidate is subject to special background check procedures including criminal check, credit check, and drug screen.

• By federal law, the candidate hired for this position must able to obtain and maintain a National Security Clearance. Ability to obtain a clearance requires US Citizenship.

• The Richmond, VA salary range(s):

o Senior Cyber Security Analyst- $88,300 - $143,500 annually

o Senior Cyber Security Advisor- $109,400 - $177,700 annually

• Salary offered will be based on the job responsibilities and the individual’s knowledge, skills, and experience as defined in the job qualifications/experience.

• Applications are reviewed on a rolling basis. Interested candidates are strongly encouraged to apply by October 13, 2020.

The Federal Reserve Bank of Richmond provides equal opportunity to all individuals without regard to race, sex, color, religion, gender identity or expression, sexual orientation, national origin, age, disability, or genetic information.As a Senior Red Team Operation, you will participate in a variety of engagements and projects that will target and holistically evaluate the security posture of people, processes, and technology within the FRS. You will: Collaborate in on-net operations during threat emulation assessments; Provide offensive security domain expertise in purple team exercises; Keep up to date with current and emerging exploits, TTPs, and offensive security tooling; Continuously grow your tradecraft and improve team capabilities; and brief executive stakeholders on enterprise risks identified through Red Team activities.