Engility CYBER PROTECTION TEAM CYBER THREAT EMULATOR - SYSTEMS TESTING & EVALUATION in San Antonio, Texas
Engility delivers innovative solutions to critical challenges facing the nation and the world. As a premier provider of integrated services for the U.S. government, we support the Department of Defense, intelligence community, space communities, federal civilian agencies and international customers. Engility is dedicated to making lives better, safer and more secure.
Are you a problem solver? Do you like complex, challenging puzzles? Do you enjoy traveling and experiencing new environments? If so, this position may be a perfect fit for you. The candidate will be a key player in supporting and evolving the processes, procedures and methodologies for implementing and executing exploitation analysis activities for the Cyber Threat Emulation Squad supporting a Cyber Protection Team. The candidate will be involved throughout all phases of the CPT mission and will serve in the role of a Cyber Threat Emulator with a concentration in Systems Testing and Evaluation.
Although not all inclusive, the position involves providing support for persistent monitoring on a 24/7 basis of all designated networks, enclaves, and systems. Interpret, analyze, and report all activities of interest (AOIs) in accordance with computer network directives, including initiating, responding, and reporting discovered events. Manage and execute first-level responses and address reported or detected incidents. Participate in project review meetings and provide technical INFOSEC guidance and updates. Document policies, procedures, and lessons learned accordingly. Candidate must possess excellent written and verbal communication skills.
More specifically, the candidate will:
Demonstrate an ability to methodically and pro-actively analyze problems and offer solutions.
Understand and be well versed in common cyber threat terminology, vulnerability and penetration test principles and methodologies; possess basic knowledge of cyber incident and response, forensics and related current events.
Exhibit good writing and communications skills, to include the ability to render concise reports, summaries, and formal oral presentations.
Understand and be proficient in common cyber threat terminology, methodologies, possess basic understanding of cyber incident and response, and related current events.
Travel up to 30% with trips varying in length, as dictated by the customer.
Bachelor’s or Master’s Degree in Computer Science, computer engineering, or relevant technical field.
Other degrees with strong computer technology curriculum may be considered.
Expert knowledge of physical computer components and architectures, including the functions of various components and peripherals, basic programming concepts, assembly codes, TCP/IP, OSI models, underlying networking protocols, security hardware and software.
Proficiency in writing, editing, and executing scripts on Windows, Linux, and Unix systems.
Certifications such as CEH, Security+, SANS GPEN, LPT (Licensed Penetration Tester), OSCP (Offensive Security Certified Professional).
Experience with toolsets such as Wireshark, Metasploit, tcpdump, NMap, Nessus, Snort, BRO, EnCase, Forensic Toolkit, Windows Fundamentals, UNIX fundamentals, exploitation theory, privilege escalation, evidence removal.
Experience programming in assembly, compiled, and interpreted languages.
Proficiency with command line interface.
Experience with encryption and decryption such as PGP, DES, AES, RSA, PKI.
Knowledge of distributed systems, process control, advanced routing, wireless, telecom and datacom platforms.
Experience programming in C, C++, C#, Ruby, Perl, Python, SQL.
Certifications such as GXPN, GREM, CCNA, CCNP, CCIE, RHCE, CompTIA.
Correlation environment tools (ArcSight).
Linux Operating Systems.
GIAC Certification (GCIA).