Penetration Tester / Threat Emulator (Washington)

Penetration Tester / Threat Emulator

At Agile Defense we know that action defines the outcome and new challenges require new solutions. That's why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next. Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agilityleveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation's vital interests.

This program supports a federal government organization's purple team ops, providing comprehensive Computer Network Defense and Offense, Incident Response, and Threat Emulation support through monitoring, analysis, and replication of potential threat activity targeting the enterprise.

The Threat Emulation SME will perform activities related to assisting cyber security operations team members to advance organizational understanding over risks and potential exposures related to software, system, and network weaknesses using advanced security / pen testing and auditing methods. Advanced Cyber Threat Emulation members also engage with senior leadership to identify, report, and perform real-world threat activity simulation attacks, such as those used by our nation's adversaries, in order to train and measure the effectiveness of the people, processes, and technology used to defend Agency networks and systems. Analyzes for weaknesses in company systems. Devises tests and scenarios for various penetration tests. Documents results and communicates them to engineers and management. Provides recommendations for new technologies and system designs according to test results. Develops automated testing programs where possible and efficient.

Job Duties And Responsibilities

• Research and remain up to date with emerging threats and Threat Emulation methodologies.
• Map Cyber Key Terrain and generate priority target lists.
• Engage in project meetings to gain knowledge of changes to the infrastructure and information sources that will aid the Threat Emulation Team.
• Conduct research on commercial and open-source tools that may address capability gaps in detecting and / or blocking malicious activity.
• Be familiar with development of attack vectors, system and infrastructure reconnaissance, collection of open?source intelligence, enumeration, and foot-printing of target networks and services.
• Conduct in-depth analysis of computer network and host data to determine threat patterns and unusual behaviors to identify potential TTPs employed by adversarial APTs and identify related APT activities and malware within operational networks and systems.
• Use TTPs to emulate real-world threats in order to train and measure the effectiveness of the people, processes, and technology used to defend environments.
• Engage with other Agency offices to gain access to various information sources in support of Threat Emulation activities.
• Review collected monitoring and defense information that will be used as inputs or indicators of abnormalities or malicious activity for threat simulation development.
• Generate threat intelligence indicators during emulation operations as part of research and apply and fine tune them across the enterprise network.
• Develop Python and PowerShell customized scripts, payloads, and system backdoor emulations to simulate attacker behavior within various stages of attack activity, detection evasions, lateral movements, or exfiltration attempts.
• Utilize the Cyber Threat Framework (ODNI) and production of Threat Emulation findings in said format.
• Provide reporting for and brief all threat emulation successes at the completion of each approved emulation operation, which may include write-ups and evidence discovered.
• Provide recommendations on enhancing Threat Emulation capabilities.

Qualifications Required Certifications

Education, Background, and Years of Experience

Additional Skills & Qualifications

Working Conditions Environmental Conditions

Strength Demands

Physical Requirements

Employees of Agile Defense are our number one priority, and the importance we place on our culture here is fundamental. Our culture is alive and evolving, but it always stays true to its roots. Here, you are valued as a family member, and we believe that we can accomplish great things together. Agile Defense has been highly successful in the past few years due to our employees and the culture we create together.

What makes us Agile? We call it the 6Hs, the values that define our culture and guide everything we do. Together, these values infuse vibrancy, integrity, and a tireless work ethic into advancing the most important national security and critical civilian missions. It's how we show up every day. It's who we are.

We also believe in supporting our employees by offering a competitive and comprehensive benefits package. To explore the benefits we offer, please visit our website under the Careers section.

Happy - Be Infectious.

Happiness multiplies and creates a positive and connected environment where motivation and satisfaction have an outsized effect on everything we do.

Helpful - Be Supportive.

Being helpful is the foundation of teamwork, resulting in a supportive atmosphere where collaboration flourishes, and collective success is celebrated.

Honest - Be Trustworthy.

Honesty serves as our compass, ensuring transparent communication and ethical conduct, essential to who we are and the complex domains we support.

Humble - Be Grounded.

Success is not achieved alone, humility ensures a culture of mutual respect, encouraging open communication, and a willingness to learn from one another and take on any task.

Hungry - Be Eager.

Our hunger for excellence drives an insatiable appetite for innovation and continuous improvement, propelling us forward in the face of new and unprecedented challenges.