Red Cell Cyber Analyst
RED CELL CYBER ANALYST (Operational Position)
The Red Cell Cyber Analyst assumes all cyber advisory responsibility for the Red Team. The Red Cell Cyber Analyst works as needed with Red Cell Program Leads. This will include supporting adversarial cyber information for program objectives, identifying gaps in cyber architecture, and developing cyber emulative courses of action pertaining to vulnerability assessment. The Red Cell Cyber Analyst is responsible for providing advice to tactical partner elements and Red Team personnel in planning adversarial Cyber Warfare activities. He/She reports directly to the Red Team Analysis and Production Manager but directly fulfills requirements for the Red Cell Program Leader. The Red Cell Program Leader is responsible overall for the team’s ability to meet or exceed contractual obligations in terms of quality and timeliness.
The Red Cell Cyber Analyst is responsible for providing advisory support concerning computer (network and infrastructure) analysis to enable Adversarial Cyber and/or Electronic Warfare Operations to an evolving Defense Threat Reduction Agency, Nuclear Enterprise, Mission Assurance Red or DoD Red Team.
The Red Cell Cyber Analyst will perform duties as the core subject matter expert (SME) in cyber red team analysis in a variety of complex data topics related to various threats. As required, the Red Cell Cyber Analyst will deploy in direct support of specific vulnerability assessments to provide local SME advisory.
The Red Cell Cyber Analyst shall:
- Characterize the adversary’s cyber capabilities. Research the structure, ideology, intentions, tactics, and capabilities of adversarial cyber organizations to develop threat characterization using a combination of both classified and unclassified sources.
- Contribute constructively to cyber threat emulation. Identify information requirements, develop assessment cyber strategies and assist Red Team Program Leader collection plans, identify information sources, and develop and conduct research of publicly available information (PAI) in order to determine adversary cyber courses of action and relevant information requirements (IR).
- Identify, map, and plan potential exploitation for key telecommunications networks.
- Analyze and characterize cyber systems and conduct analysis appropriate to the program, identify essential functions/tasks and critical assets necessary to perform them as determined by the program leader.
- Contribute to developing cyber adversary courses of action (CoA). Develop courses of action that a cyber adversary might employ against customer personnel, equipment, facilities, networks, information and information systems, infrastructure, and supply chains. Identify critical nodes/links or other targets and the effects of other environmental characteristics on course of action development.
- Facilitate timely information management flow from DoD Red Team partner elements and other entities supporting DoD Red Team operations.
- Support field assessments from a cyber adversary perspective.
- Synthesize findings to support vulnerability identification, course of action development, protection studies, trend analyses, risk analysis, and mitigation strategies.
- Develop a comprehensive understanding of the cyber implications of vulnerabilities discovered and fuse those findings with the systems analysis and determine impacts to the national and military missions they support.
- Prepare activity reports including out briefs, senior leader briefs, and interim progress reports (IPRs) and briefs, white papers, after action reviews, final reports, risk analysis products, and other documents necessary to convey assessment findings to customers, partners, and other stakeholders.
- Be able to explain network/system mechanisms to analysts and ground element in order to facilitate better analysis and operations.
- Should have a diverse understanding of network and information security operations, network exploitation, and telecommunications.
- Perform regular updates of existing Playbooks based on changes in the Threat Landscape or upon discovery of new threat tactics or procedures.
Four year BS/BA degree with two years applicable experience as a cyber analyst; or Associates Degree with four years applicable experience as a cyber analyst; or eight years of applicable experience as a cyber analyst.
Previous experience concerning the components and functions of various communications networks and information systems.
An understanding of both the physical and digital aspects of communications systems.
Proficient in understanding, analyzing and summarizing comprehensive and complex technical, contractual, and research information/data.
Demonstrated expertise performing information/data collection, analysis, and fusion.
Excellent analytical, communications-both oral and written, and project management experience.
Possess a current driver’s license
Capable of operating a rental vehicle
Active TS/SCI Clearance
- The successful candidate will have also one or more of the following qualifications:
- Understand and be well versed in common cyber threat terminology, vulnerability and penetration test principles and methodologies; possess basic knowledge of cyber incident and response forensics and related current events.
- Familiarity with Log Analysis, Packet Analysis OSI Model, Network Architectures, NIST, DIA-CAP, RMF, and Information Operations, threat intelligence activities including the collection of and tracking threat actors, digital forensics incident response; and threat hunting methodologies.
- experience performing attack analysis or Red Team penetration testing against operational computer networks including experience in Windows Security, Network Security, Linux/Unix Security, Database security, or Mainframe Security.
- Ability to operate and navigate the Windows and UNIX/Linux operating system from the command prompt/line with ease.
- Graduate of one of the following Joint Cyber Analysis Course, Cyber Common Technical Core, Cyber Threat Emulation Methodologies or equivalent
- Bachelor’s Degree in Information Technology, Computer Science, Information Systems or other STEM discipline
- Must possess or be willing to obtain GSEC or Security+
Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran’s status, ancestry, sexual orientation, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.