Charleston, South Carolina, USA
53 days ago
Offensive Cyber Security Engineer
Overview Arcfield is a leading provider of full lifecycle, mission-focused systems engineering and integration capabilities to the U.S. government and its allies. The company has more than 60 years of proven experience providing advanced engineering and analysis, IT and C5ISR capabilities to support our nation’s most critical national security missions. Headquartered in Chantilly, VA and with 16 offices around the world, Arcfield employs approximately 1,200 engineers, analysts, IT specialists, and other professionals who put our customers’ missions first, helping them solve their most complex challenges through innovations in modeling, simulation and analysis, digital transformation and C5ISR. Visit arcfield.com for more details. Responsibilities Position Summary: Offensive Cyber Security Engineer is responsible for providing support for cybersecurity assessment and accreditation activities for the Navy’s National Warfare Red Team (NWRT). The engineer will be responsible for conducting simulated attacks, assessing security measures, and working closely with security teams to remediate identified issues. The ideal candidate is a problem-solver with strong technical skills, a deep understanding of cybersecurity principles, and a passion for ethical hacking. The Offensive Cyber Computer Engineer will support the National Warfare Red Team (NWRT) in conducting Red Team operations, managing infrastructure, and developing custom cybersecurity tools to support red team operations. Key Responsibilities: Red Team Assessment Operations Support: Support security assessment efforts for the NWRT, utilizing expertise in all DoD Cyber Red Team capabilities such as Remote and Local Cyber Operations, User-Driven Attacks, Long Term Persistence Missions, Active/Passive Wireless Assessments, and Close Access Enabling Cyber (CAEC) activities. Execute Operational Vulnerability Assessments (OVA), Acquisition Penetration Assessments (APA), and Cyber Opposing Force (OPFOR) Aggressors Exercises following the United States Cyber Command Standing Ground Rules (SGR). Conduct adversarial cybersecurity Developmental and Operational Test and Evaluation (DOT&E) events, penetration tests, and support NWRT assessment methodologies. Develop and maintain Tactics, Techniques, and Procedures (TTPs) for network penetration, data exfiltration, CAEC, phishing campaigns, and malware development. Red Team Certification and Accreditation Support: Support the maintenance and updating of the Red Team’s DoD Cyber Red Team accreditation, including developing and tailoring documentation packages such as CONOPS, System Security Plans (SSPs), Standard Operating Procedures (SOPs), and report templates. Conduct self-assessments against Red Team evaluation scoring metrics (ESMs) and governing policies to ensure compliance and readiness for accreditation evaluations. Build and maintain curriculum, courseware, laboratory environments, and study aids to support DoD Red Team certification, accreditation, and self-assessment activities. Infrastructure Support: Develop, monitor, and maintain the NWRT’s infrastructure for assessment operations and administration, including cloud computing environments and Gold Disk images for various operating systems. Support the implementation of the Risk Management Framework (RMF) process for systems or hosting environments, ensuring compliance with DoD and Navy cybersecurity policies and guidelines. Cybersecurity Tool Development: Support software development activities to create and maintain cybersecurity tools and infrastructure components that enable NWRT operations, from offensive operations to administrative tasks. Ensure tools are interoperable with developed management systems and provide user guides and training for new tools. Qualifications Required: Bachelor’s degree in Computer, Electrical or Electronics Engineering or Mathematics with field of concentration in computer science. 3 years’ experience in Cyber Security with MS or BS 1 years’ experience specializing in Red Team Operations DoD IAT II certification (i.e. Security+ CE, CASP, CISSP, etc.) Individual shall have relevant professional certifications or be willing to achieve (within 1 year) one of the following: Offensive Security Certified Professional (OSCP) Offensive Security Certified Expert (OSCE) or Offensive Security Exploitation Expert (OSEE) Offensive Security Exploit Developer (OSED) Offensive Security Experienced Pentester (OSEP) Offensive Security Wireless Professional (OSWP) Offensive Security Web Expert (OSWE) Hack The Box Certified Penetration Testing Specialist (HTB CPTS) Hack The Box Certified Bug Bounty Hunter (HTB CBBH) Certified Red Team Operator (CRTO) from Zero Point Security Certified Red Team Lead (CRTL) from Zero Point Security Practical Network Penetration Tester (PNPT) GIAC Red Team Professional (GRTP) GIAC Experienced Penetration Tester (GX-PT) GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) Must POSSESS and be able to maintain a TS/SCI clearance Preferred Qualifications: Master’s degree in Computer, Electrical or Electronics Engineering or Mathematics with field of concentration in computer science. Experience working with a NSA accredited DoD Red Team. EEO Statement EEO Arcfield proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active-Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
Confirm your E-mail: Send Email