SAIC is looking for an Offensive Security Operator. This position can be 100% remote nationwide.
The Offensive Security Operator will have prior experience as a Penetration Tester or as a Red Team member. This position will join SAIC's Internal Offensive Cyber Operations Team and will help build the Program. Initial primary responsibilities will be focused on establishing processes and procedures for Internal Penetration Testing and comprehensive enterprise Penetration Testing engagements; then move to the planning and execution of these periodic engagements.
The two-person OCO Team is also responsible for coordinating and performing Automated Adversarial Emulation and Purple Team Exercises. Long-term, both operators will be required to perform these OCO assessment types on a recurring basis, as well as continue to develop their skills, knowledge, and capabilities in these areas and to advance the program by establishing the internal Red Team.
Responsibilities / Duties
- Conduct Network and Web Application Penetration Testing
- Perform full-scope internal penetration tests (discovery, evasion, privilege escalation, execution/exploitation, credential access, lateral movement, & action on objectives) in a controlled/safe manner on live network infrastructure services, Active Directory environments and other systems/applications
- Interface and coordinate with System Owners to establish the scope for testing, test schedule, test goals, and rules of engagement
- Identify and evaluate complex business and technology risks, internal controls which mitigate the risks, and related opportunities for internal control improvement
- Execute and help to improve existing External Penetration Testing, Purple Team Exercises and Adversarial Emulation assessments
- Must demonstrate knowledge of MITRE's ATT&CK framework, and be able to emulate execution of atomic and chained TTPs
- Assist with establishing the internal Red Team processes and procedures
Keys for Success
- Operate professionally always guided by SAIC's Core Values: Passion, Empowerment, Integrity, Inclusion and Innovation
- Ability to prioritize and execute multiple assigned tasks effectively
- Attention to detail in the execution of tasks and in documentation
- Flexibility, persistence, resilience and determination
- Self-starter with the ability to work with little supervision
- Curiosity and love to solve problems and puzzles; analytically rigorous; uncompromising integrity
- Ability to work independently, as well as optimally work in teams with individuals with a variety of skills and backgrounds
- Passion for lifelong learning and skills development
Education: Bachelor's degree and nine (9) years or more of experience; or five (5) years or more of experience in a full-time Offensive Security role and an intermediate to advanced Professional Offensive Security certification, with OSCP or GXPN preferred.
Required Skills, Experience & Key Results Areas:
- Able to test, identify and exploit trust, misconfigurations and vulnerabilities in live Microsoft Active Directory environments without getting detected by advanced commercial security solutions
- Exploitation of security policies and access controls in restricted/secure environments (e.g., GPO bypass, privilege escalation and A/V evasion)
- Work proficiently from the Windows and UNIX/Linux command line (e.g., Bash and PowerShell)
- Ability to write scripts in PowerShell and Bash
- Ability to research and formulate recommendations for vulnerabilities found during assessments
- Ability to present, demonstrate, explain and document operational impact of a particular vulnerability or the combination of many vulnerabilities and flaws
- Ability to test, identify and exploit trust, misconfigurations, and vulnerabilities in live Microsoft Active Directory environments
- Good written and verbal communication skills and the ability to work independently or under general direction only.
Desired Skills & Experience:
- Python scripting skills
- Prior SOC Defensive Cyber Operations or Incident Response role
- Prior experience as a member of an internal Penetration Testing Team or for a Penetration Testing firm.
- In-depth knowledge of information technology, evolving threats, attack patterns, incident response, and cybersecurity standards.
- Experience performing Penetration Testing against target systems hosted in cloud environments (e.g., AWS, Azure or GCP)
- Experience documenting repeatable processes and procedures
Target salary range: $75,001 - $100,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.