Cyber Threat Emulation & Analyst

Bristol Bay Native
San Antonio, TX, USA
Full-time

STS Systems Support, LLC. (SSS) is seeking a Cyber Threat Emulation & Analyst

  • DoDD 8570.01-M / 8140.01 IAT Level III CND
  • Active TS / SCI
  • BA / BS or MA / MS
  • Five (5) years of penetration testing experience.
  • Demonstrated advanced knowledge of cyber security operations with mastery of two or more of the following: attack surface management, Security Operations Center (SOC) operations, Intrusion Detection / Intrusion Prevention Systems (IDS / IPS), Security Information and Event Management (SIEM) use, threats (including Advanced Persistent Threat (APT), insider), vulnerabilities, and exploits; incident response, investigations and remediation.

  • Experience with PowerShell, BASH or Python scripting / programming language.
  • Must have a strong understanding of Linux Operating System.
  • Extensive knowledge of the MITRE ATT&CK framework and its uses within the cybersecurity community (e.g., Open Source projects)

Duties :

  • Conduct both automated and manual enterprise vulnerability assessments, including conducting regular patch & configuration vulnerability assessments as directed by operational flight leads.
  • Conduct Cyber Threat Emulation operations, and coordinate with security teams to strengthen the overall security posture of the AFNet and AFIN various tools and capabilities.
  • Test for real time security vulnerabilities, conduct assessments, and assess vulnerability risk and impact.
  • Continuously develop and maintain safe and valid procedures to actively test Enterprise defensive measures. (CDRL A007 & A008)
  • Develop mitigations, policies, and procedures to coordinate with internal teams. (CDRL A007)
  • Work with incident response team to develop response policies and procedures.
  • Generate threat intelligence indicators during the course of Cyber Threat Emulation operations and provide reports back to operators. (CDRL A008)
  • Coordinate with internal and external intelligence teams in order to replicate threat actor (TA) Techniques, Tactics, and Procedures (TTPs).
  • Research & Evaluate threats and vulnerabilities to assist in the prioritization of remediation actions.
  • Utilize knowledge and understanding of the Cyber Threat Framework (ODNI) and production of Threat Emulation findings.
  • Utilize the MITRE ATT&CK framework to perform cyber security operations testing, and develop improvements based upon adversary behavior.
  • Formulate, lead and persuade individuals, large teams and communities on ideas, concepts, and opportunities.
  • Leverage research, frameworks, and best practices on the latest exploits and security trends and currency on industry trends and provide operational reports / assessments for development of tactics, techniques, and procedures. (CDRL A002)
  • Provide OJT to other contractor employees, military, and / or civilian personnel, and ensure continuity folders / working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.
  • Create, document, and report metrics for analysis to improve weapon system processes and mission execution. (CDRL A009).
  • Provide information to operational leaderships tasking as required as it relates to CTE actions

Other details

  • Pay Type: Salary