Red Team Operator - senior

Barrenfox has a need for a Red Team Operator – Senior Level, pending award, to support a critical DoD customer. The Senior Red Team Operator will provide contractor services for a US Courts contract.

Location

This Senior Red Team Operator is based in National Capital Region (NCR).

Travel

Ability to travel up to 30% of the time and will be reimbursed based on IW policy, GSA Per Diem rates and DoD Joint Travel Regulations (JTR) as required.

Security Clearance

This Senior Red Team Operator must be a United States Citizen and be able to obtain and hold a Public Trust clearance.

Employees are required to follow all company and customer site COVID-19 protocols.

Responsibilities

  • Conduct red team exercises against production IT systems, facilities, and personnel belonging to the AO and the Courts.

  • Develop and conduct spear phishing campaigns to gain internal network access.

  • Conduct exploitation of external facing assets to gain internal network access.

  • Conduct post-exploitation actions towards exercise objectives.

  • Conduct on-site physical penetration assessments at various federal courthouses and other Court locations in order to obtain access to the internal network.

  • Use custom code and/or commercial-off-the-shelf (COTS) exploitation frameworks to bypass and penetrate network and system defenses.

  • Comply with the unique rules of engagement (ROE) that will be provided for each exercise along with the standard operating procedures (SOP) for overall Red Team operations.

  • Employ red team tradecraft while conducting exercises.

Qualifications

  1. Minimum 6 years direct, hands-on technical red team and/or government computer network exploitation/attack operations experience (which is to say direct red team operations work and not just that which is in support of red team operations).

  2. Minimum 2 years technical red team and/or government computer network exploitation/attack operations leadership experience (note this is distinct experience from the above and cannot overlap).

  3. Minimum of 3 years of hands-on experience with using modifying and customizing penetration testing and red teaming software frameworks (Cobalt Strike, Kali, etc.) to meet operational requirements.

  4. Minimum of 2 years of independently conducting every phase of a red team exercise on their own without guidance or supervision.

  5. Minimum of 2 year of hands-on experience developing payloads that bypass A/V and EDR solutions for use in various phases of a red team exercise.

  6. Minimum of 2 years mentoring junior and mid-level operators on red team tradecraft and Advanced Knowledge Requirements (that they possess).

  7. Minimum of 2 years of experience in professionally delivering technical red team reports and briefings.

  8. CRTO certification required.

  9. OSCP, OSCE, OSEE, GXPN, and/or GPEN are preferred, but not required.

Additional Qualifications

  • Ability to independently conduct every phase of a red team exercise on their own without guidance or supervision.

  • Hands-on experience developing payloads that bypass A/V and EDR solutions for use in various phases of a red team exercise.

  • Ability to mentor junior and mid-level operators on red team tradecraft and Advanced Knowledge Requirements (that they possess).

  • Experience in professionally delivering technical and executive-level red team reports and briefings.

  • OSCE, OSEE, GXPN, CRTO certifications preferred but not required.

Clearance Statement

Applicants selected for this position will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Only US citizens are eligible for a security clearance. For this position, Barrenfox will consider only applicants with active Public Trust or higher-level security clearances.

APPLY NOW