Logo
Gap Inc.

Senior Photographer, On-Figure Job at Gap Inc. in Orlando

Gap Inc., Orlando, FL, United States, 32885

Save Job

Senior Cyber Security Engineer / CSET Lead

ID 2024-8897

Category

Position Type

Regular Full-Time

About Us

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

SRC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with a company match, life insurance, vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually, 11 paid holidays, tuition reimbursement, and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Requirements

Bachelor's degree with a focus in computer science, computer information systems, engineering, mathematics, management information systems, cybersecurity, cyber operations, or a related discipline with corresponding experience and demonstrated mastery of relevant computer science topics.

  • 5+ years of cyber adversarial emulation experience, to include penetration testing of modern Windows and Linux operating systems, IP-based networks and protocols, 802.11 networks, and/or web applications, hardware hacking, software defined networks/RF.
  • 10+ years of experience in leading complex and technically diverse teams of cyber professionals (software developers, system administrators, penetration testers, incident responders, etc.).
  • Intermediate knowledge of known Advanced Persistent Threat (APT) actor Techniques, Tactics, and Procedures (TTPs), including familiarity with terminology from Mitre ATT&CK.
  • Intermediate knowledge of techniques and tools used for exploit development, software debugging, and application fuzzing.
  • Intermediate knowledge of tools and techniques used for incident response, reverse engineering, and digital forensics.
  • Superior oral communication skills, including the ability to project confidence and enthusiasm in formal presentations and explaining technical nuances to non-cyber-savvy audiences.
  • Superior technical writing skills, including the ability to author and review documents and create impactful technical briefing materials.
  • Ability to work independently and collaborate with range and event leadership, CSET team members, users, and other stakeholders.
  • Required / Maintain IAT Level III or IAM Level III 8570 certifications, including one or more of the following:

CASP+ CE

  • CCNP Security
  • CISA
  • GIAC Incident Handler (GCIH)
  • CISM
  • GSLC
  • CCISO
  • Certified Information Systems Security Professional (CISSP)

In addition to meeting the applicable cyber security workforce (CSWF) requirements for Computer Network Defenders (CND) Auditors (DoD 8570) or Vulnerability Assessment Analysts (SECNAV 5239.2), CSET members must obtain one or more of the following vendor certifications within 6 months of being hired:

Offensive Security Certified Engineer (OSCE)

  • Offensive Security Certified Professional (OSCP)
  • GIAC Certified Exploit Researcher and Advanced Penetration Testers (GXPN)
  • Offensive Security Certified Engineer (OSCE3)

Desired Skills

  • Master's degree with a focus in computer science or cybersecurity.
  • 10+ years of experience supporting Department of Defense (DoD) offensive or defensive cyber operations.
  • Experience with operational training programs and qualification standards.
  • Red Team, Computer Operator or Exploitation Analyst experience with relevant teams.
  • Experience with OT, IoT, XIoT is a plus.

Description

  • Oversee CSET Team operators and provide guidance and subject matter expertise to government personnel.
  • Support offensive security/red team/adversarial emulation testing.
  • Execute Red Team engagements in various networks using real-world adversarial Tactics, Techniques, and Procedures (TTPs).
  • Develop comprehensive security testing strategies and programs.
  • Facilitate multiple stakeholders to agree on appropriate solutions and verify risk mitigation.
  • Work independently but collaborate cross-functionally to provide security engineering consulting.
  • Conduct open-source intelligence gathering, network vulnerability scanning, and exploitation of vulnerable services.
  • Systematically analyze applications to locate programming flaws.
  • Develop payloads, scripts, and tools for exploitation and evasion.
  • Safely utilize attacker tools in sensitive environments.
  • Evade detection by EDR devices during engagements.
  • Demonstrate expertise in Active Directory, Software Development, Incident Response, or Cloud Infrastructure.
  • Document and log all exploitation activities.
  • Maintain knowledge of Red Team policies and regulations.
  • Communicate effectively with team members during engagements.
  • Keep current with TTPs and offensive security techniques.

Clearance Information

Diversity & Inclusion

We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers.

Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status.

Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact [emailprotected] for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

#J-18808-Ljbffr