Cyber Threat Emulation & Analyst
Bristol Bay Native
San Antonio, TX, USA
Full-time
STS Systems Support, LLC. (SSS) is seeking a Cyber Threat Emulation & Analyst
- DoDD 8570.01-M / 8140.01 IAT Level III CND
- Active TS / SCI
- Five years of penetration testing experience. BA / BS or MA / MS
- Demonstrated advanced knowledge of cyber security operations with mastery of two or more of the following: attack surface management, Security Operations Center (SOC) operations, Intrusion Detection / Intrusion Prevention Systems (IDS / IPS), Security Information and Event Management (SIEM) use, threats (including Advanced Persistent Threat (APT), insider), vulnerabilities, and exploits; incident response, investigations and remediation.
- Experience with PowerShell, BASH or Python scripting / programming language.
- Must have a strong understanding of Linux Operating System.
- Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (Open Source projects)
Duties:
- Conduct both automated and manual enterprise vulnerability assessments, including conducting regular patch & configuration vulnerability assessments as directed by operational flight leads.
- Conduct Cyber Threat Emulation operations, and coordinate with security teams to strengthen the overall security posture of the AFNet and AFIN using various tools and capabilities.
- Test for real time security vulnerabilities, conduct assessments, and assess vulnerability risk and impact.
- Continuously develop and maintain safe and valid procedures to actively test Enterprise defensive measures. (CDRL A007 & A008)
- Develop mitigations, policies, and procedures to coordinate with internal teams. (CDRL A007)
- Work with incident response team to develop response policies and procedures.
- Generate threat intelligence indicators during the course of Cyber Threat Emulation operations and provide reports back to operators. (CDRL A008)
- Coordinate with internal and external intelligence teams in order to replicate threat actor (TA) Techniques, Tactics, and Procedures (TTPs).
- Research and evaluate threats and vulnerabilities to assist in the prioritization of remediation actions.
- Utilize knowledge and understanding of the Cyber Threat Framework (ODNI) and production of Threat Emulation findings.
- Utilize the MITRE ATT&CK framework to perform cyber security operations testing, and develop improvements based upon adversary behavior.
- Formulate, lead and persuade individuals, large teams and communities on ideas, concepts, and opportunities.
- Leverage research, frameworks, and best practices on the latest exploits and security trends, maintain currency on industry trends, and provide operational reports / assessments for development of tactics, techniques, and procedures. (CDRL A002)
- Provide OJT to other contractor employees, military, and / or civilian personnel, and ensure continuity folders / working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.
- Create, document, and report metrics for analysis to improve weapon system processes and mission execution. (CDRL A009)
- Provide information to operational leadership's tasking as required as it relates to CTE actions.
Other details
- Pay Type: Salary