Engineering · Hanahan, United States
Red Team Operator (Full-Time)
Location: Charleston, SC
Clearance: REQUIRED TS/SCI
Certification(s) Required: professional certifications to meet DoD 8570 requirements - C|EH, SEC+, CySA+, PenTest+, CCNP, CISSP, GTCIH CISM, OSCP
At TIME Systems, we do things a bit differently. We are on a mission to deliver innovative, value-driven Technology, Innovation, Management, and Engineering solutions and services by empowering people, focusing on leadership, and achieving results. We care deeply about collaboration, feedback, and iteration. Trust and respect are deeply rooted in our company culture. Our vision is to dominate in each core area, provide excellent employee benefits, and make a difference through active involvement in local charities.
We are an award-winning company and maintain several industry-leading certifications, such as CMMI Level 3 for Services and Development, and ISO 9001:2015. We have been consistently featured on Inc. Magazine’s “Inc. 5000 List,” a dynamic ranking of the most impressive and cutting-edge companies in America. TIME Systems is also on Syracuse University’s Institute for Veterans and Military Families (IVMF) “Vet 100 List,” which ranks the fastest growing veteran-owned business.
We see you. You’re looking for something more, something significant. You want to be inspired.
You’re a detail-oriented and focused individual who is competent and innovative in your field. You’re tenacious and ready to work in a fast-paced, high-growth work environment. You’re self-motivated and a quick learner. You like to help others and your listening skills help meet customer needs accurately and efficiently. You want to work for a company that is doing big things, feels like a tight-knit community, and provides incentives to consistently pursue excellence.
Now here’s the truly awesome part of this job. You’ll be joining a team of industry experts as part of the NavWar Red Team (NWRT) supporting local and remote operation. Your skills and abilities will help protect and secure important data as you dynamically emulate threat actors to identify risk, strengthen security posture, and improve the client’s detection and response capabilities through short- and long-term engagements.
The Objective:
In this role, you will perform network penetration, web application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments. Pre-operation duties include assisting with crafting mission objectives, mission planning, setting up infrastructure, and mentoring less experienced staff. Post-operation activities including writing precise and accurate reports and effectively presenting findings to both technical and executive audiences.
Transform Your Career Path with Our Unique Professional Benefits:
Benefits:
When you join our team, you are joining a company that prioritizes your health, well-being, and financial security. Here is a quick overview of our benefits:
Health Coverage: Select from three plans, including a 100% company-funded employee only plan.
Dental Coverage: Our dental plan offers extensive care with no annual maximum.
Vision: Our vision plan covers regular eye exams and corrective eye wear.
Life Insurance and AD&D and other customizable coverage options.
401(k) Retirement Plan.
Health Savings Account (HSA), Flexible Spending Account (FSA).
Short- and Long-Term Disability Insurance.
Employee Assistance Plan, and more.
Why Join Us
The Details:
Execute Red Team engagements in a variety of networks using real-world adversarial Tactics, Techniques, and Procedures (TTPs) from conception to report delivery
Conduct open-source intelligence gathering, network vulnerability scanning, exploitation of vulnerable services, lateral movement, install persistence in a target network(s), and manage C2 infrastructure
Systematically analyze each component of an application with the intent of locating programming flaws that could be leveraged to compromise the software through source code review or reverse engineering
Develop payloads, scripts, and tools that weaponize new proof-of-concepts for exploitation, evasion, and lateral movement
Safely utilize attacker tools, tactics, and procedures when in sensitive environments/ devices
Evade EDR devices such as CarbonBlack and Falcon to avoid detection by Defenders/behavioral-based alerting to further the engagement objectives
Demonstrate expertise in one of the following: Active Directory, Software Development, Incident Response, or Cloud infrastructure
Carefully document and log all exploitation activities
Continually exercise situational awareness to quickly identify any instances of cohabitation
Document identified vulnerabilities and research corrective/remediation actions to recommend a risk mitigation technique(s)
Demonstrate new vulnerabilities and assist Network Defenders (Blue Team) with the refinement of detection capabilities
Maintain knowledge of applicable Red Team policies, Standing Ground Rules, regulations, and compliance documents
Communicate effectively with team members and clients during an engagement
Think unconventionally to develop novel adversarial TTPs
Keep current with training and the latest offensive security techniques
The Requirements:
Possess specialized experience in Red Teaming, Computer Network Attack (CAN), Computer Network Exploitation (CNE), Computer Network Defense (CND), Bug Bounties, or Penetration Testing
Technical knowledge of security engineering, computer and network security, authentication, security protocols, and applied cryptography
Experience with offensive tool sets like Kali Linux, Metasploit, CobaltStrike, CommandoVM, BlackArch Linus, Parrot OS, etc.
Experience with at least one of the following scripting languages: PowerShell, Bash, Python, or Ruby
Experience in using network protocol analyzers and sniffers, as well as ability to decipher packet captures
Possess strong analytical and problem-solving skills
Habitually practice excellent independent, disciplined, organizational, and personal project management skills
Proven ability to work effectively with management, staff, vendors, and external consultants
Capable of simultaneously managing multiple projects from start to finish
Exceptional written skills, able to explain highly technical topics to a wide range of audiences
Technical training in Cyber Security or Information Assurance
8 or more years of hands-on experience with Cyber Security Service Providers, Security Operation Centers, Red Teams, or DoD Operation Test to include 3 of the following 4 areas: Systems Requirements, Operational Requirements, Test & Evaluation, and Training
Maintain minimum required professional certifications to meet DoD 8570 requirements, including C|EH, SEC+, CySA+, PenTest+, CCNP, CISSP, GTCIH CISM, OSCP, etc.
Preferred Professional and Technical Expertise:
A relevant Offensive/Red Team/PenTest certification from organizations such as TCM Security (CPEH), SANS (GPEN, GWAPT, GAWN, GCPN, GXPEN), Crest(CSAT, CSAM), eLearnSecurity (eCPPT, eCPTX, eWPTX, eCSD), Offensive Security (OSCP, OSWP, OSEP, OSWE, OSED, OSEE), or demonstrable equivalent skills
Additional Requirements
Occasional lifting of 25 pounds+ may be required.
Prior Military experience is desirable
TIME Systems, LLC is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.