Technical Lead

At Agile Defense we know that action defines the outcome and new challenges require new solutions. That’s why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.

Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility—leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation’s vital interests.

Requisition #: 379 Job Title: Technical Lead Location: Reston, VA (Remote) Clearance Level: Active DoD - Secret  Required Certification(s):  ·       PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA or possess a willingness to pursue certifications after hire.

SUMMARY The United States Patent and Trademark Office (USPTO), Cybersecurity Division, has a requirement to  establish a Purple Team capability within USPTO by adding contractor expertise to engage with existing  Blue Team resources (forming a Purple Team) with the goal of improving the blue team’s knowledge  and expertise in defending against adversaries attempting to penetrate USPTO systems. A successful candidate will have verifiable experience in offensive security, threat hunting, attack simulation, programming, and communication skills. Strong technical capabilities, and an understanding of in-scope systems to the organization with respect to operational impact, is important as a key function of the role is to work closely with defensive partners.

JOB DUTIES AND RESPONSIBILITIES ·       Utilize threat hunting techniques to understand how offensive attacks are logged, alerted, and visible to defensive controls ·       Conduct Penetration Testing (application and/or infrastructure) and articulate security issues to both technical and non-technical audiences ·       Identify, research, validate, and exploit various known and unknown security vulnerabilities ·       Coordinate with business and technical contacts to assist in the development and delivery of secure solutions ·       Compose detailed, technical, attack narratives which outline specific attack chains utilized, clear impact of vulnerabilities discovered, and suggested paths to remediation which address root cause of identified weak points in enterprise security architecture

QUALIFICATIONS

Required Certifications ·       PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA or possess a willingness to pursue certifications after hire.

Education, Background, and Years of Experience ·       Bachelor’s degree/University degree or equivalent experience ·       10+ years of relevant experience

ADDITIONAL SKILLS & QUALIFICATIONS

Required Skills ·       Extensive experience working with Offensive Security Methodologies and Attack Simulation Techniques ·       Offensive Security testing tools. e.g., Cobalt Strike, Kali Linux, Bloodhound, Red Team Toolkits ·       Experience leveraging the MITRE ATT&CK Framework ·       Vulnerability Assessment tools. e.g., Nessus, Qualys, Rapid7 ·       Exploitation frameworks, e.g., Metasploit, CANVAS, Core Impact ·       Social Engineering campaigns. e.g. email phishing, phone calls, SET ·       Deep understanding of OSI model ·       Security devices, i.e. Firewalls, VPN, AAA systems ·       OS Security. e.g. Unix/Linux, Windows, OSX ·       Understanding of common protocols. e.g. HTTP, LDAP, SMTP, DNS ·       Web application infrastructure. e.g. Application Servers, Web Servers, Databases ·       Web development and programming languages. e.g. Python, Perl, Ruby, Java, .Net ·       Proven experience with attack simulation and threat hunting is a must ·       Demonstrated ability to collaborate with a variety of analytical groups and service delivery organizations ·       Advanced analytical and problem-solving skills ·       Consistently demonstrates clear and concise written and verbal communication ·       Preferred Certifications: PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA ·       Proficient in interpreting and applying policies, standards and procedures ·       Demonstrated ability to remain unbiased in a diverse working environment

WORKING CONDITIONS

Environmental Conditions ·       Contractor and / or remote with 0%-10% travel possible. General office environment. Work is generally sedentary in nature but may require standing and walking for up to 10% of the time. The working environment is generally favorable. Lighting and temperature are adequate, and there are not hazardous or unpleasant conditions caused by noise, dust, etc. Work is generally performed within an office environment, with standard office equipment available.

Strength Demands ·       Sedentary – 10 lbs. Maximum lifting, occasional lift/carry of small articles.  Some occasional walking or standing may be required.   Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.

Physical Requirements ·       Stand or Sit; Walk; Repetitive Motion; See