Red Team Operator & Penetration Tester

Published date Posted on Indeed on Jan 14, 2022 (3 d ago)

Company

Federal Reserve Bank of Richmond

The Richmond Fed is the proud home of the Federal Reserve’s National IT organization—a nationwide team delivering technology solutions and support across the Federal Reserve System. Many National IT employees are located in Richmond, while others are based across the U.S. at other Federal locations.

When you join our team, you’ll become part of a culture that welcomes differences, cares about our communities, and empowers each other to lead from where we are to make things better.

Bring your passion and we’ll provide challenging and purposeful careers in a variety of fields, opportunities to grow and a wide range of benefits and perks that support your health and wealth. It’s all part of what makes #MyRichmondFed a great place to work!

About the Opportunity

The National Incident Response Team (NIRT), a national service provider for the Federal Reserve System (FRS), delivers effective and efficient national intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for the FRS. NIRT’s mission is to play a leading role in the FRS’ efforts to protect its information systems against unauthorized use.

NIRT’s Adversary Emulation team has an immediate opening for an Operator to join their team as a key participant on a variety of engagements and projects that will target and evaluate the cyber security posture of people, processes, and technology within the FRS.

As an Operator, you will report to the Sr. Manager and work on a team of security professionals focused on enabling business line initiatives by performing security assessments against people, processes, and technologies by using automated tools and expertise of hands-on tools that simulate attacker tactics, techniques and procedures (TTPs). You will also perform assessments for new and existing services, infrastructure, and applications to identify weaknesses before an attacker does.

You will use a variety of tools and techniques including penetration testing, red teaming, purple teaming, and social engineering and have the opportunity to combine your technical expertise with your imagination to discover innovative methods for ensuring that the FRS remains one step ahead of its adversaries around the world.

What You Will Do

  • Strengthen FRS security posture through offensive security assessments where you will lead assessment activities including the identification and exploitation of vulnerabilities across the system

  • Leverage offensive security experience to coordinate the execution of cybersecurity solutions to benefit security engagements and mitigate cyber threats

  • Improve operational efficiency by building and evaluating workflow processes, procedures, checklists, automation and tooling

  • Enable success of security initiatives by overseeing initial project development surrounding security or technology capabilities and creating operations-based documentation

  • Address cybersecurity needs by advising clients on best practices and how to implement changes to securely address complex business needs

  • Envision and propose cross-team initiatives to implement cybersecurity improvements for recognized gaps

  • Grow security capabilities to defend the FRS by working with internal and external stakeholders to develop strategies and plans to enforce security requirements

  • Identify and prioritize key risk areas balancing business risk and cyber threats via research of industry trends and business partner missions

  • Lead and execute technical security assessments to identify risk, likelihood and impact an attacker may have on the System due to weak or missing controls

  • Perform cybersecurity and Operator duties as assigned

Preferred experience we’re looking for:

  • 5 - 9 years of relevant information security related work experience in areas such as: computer network defense, computer network exploitation and post-exploitation

  • Bachelor's Degree or equivalent experience

  • Experienced in all phases of adversary emulation operations including reconnaissance, social engineering, exploitation, post-exploitation, covert techniques, lateral movement, and data exfiltration

  • Experienced in offensive cybersecurity roles, such as malware development, red teaming, penetration testing (e.g., web, infrastructure, cloud), purple team exercises in cloud and on-prem environments

  • Accomplished with scripting/programming of Python, PowerShell, or C# with the ability to create and customize tools

  • The following certifications are highly preferred: GPEN, GWAPT

  • Team player with interpersonal, collaborative and consultative skills

  • Strong attention to detail, oral and written communications skills tailored to audiences ranging from technical subject matter expert partners to senior executive stakeholders

  • Experience managing client relationships, including determining needs, managing expectations, and demonstrating commitment to delivering quality results

Discover the Reason Why So Many People Love It Here!

When you join Federal Reserve’s National IT organization, not only will you find a challenging and purposeful career, you’ll also have access to a wide range of benefits and perks that support your health and wealth, including:

  • Great medical benefits

  • Pension and 401(k) with employer match

  • Paid time off

  • Tuition reimbursement

  • Employee resource networks

  • Paid volunteer leave

  • Flexible work options

  • Onsite amenities that make working here fun!

Other Requirements and Considerations:

  • A requirement of this position is that the employee must be fully vaccinated against COVID-19; individuals who are unable to be vaccinated due to a medical condition or sincerely held religious belief may request an accommodation from the Bank.

  • By federal law, the candidate hired for this position must able to obtain and maintain a National Security Clearance. Ability to obtain a clearance requires US Citizenship.

  • Candidates should review the Bank’s Employee Code of Conduct to ensure compliance with conflict of interest rules and personal investment restrictions. The Code is available on the About Us, Careers webpage at www.richmondfed.org .

  • Sponsorship is not available for this role. Selected candidate is subject to special background check procedures including criminal check, credit check, and drug screen.

  • The Richmond, VA hiring range(s):

    o Senior Cybersecurity Advisor- $111,800 - $139,700 annually.

  • For candidates not located in Richmond, VA, the salary range may be adjusted for your geographic location.

  • Salary offered will be based on the job responsibilities and the individual’s knowledge, skills, and experience as defined in the job qualifications/experience.

Full Time / Part Time

Full time

Regular / Temporary

Regular

Job Exempt (Yes / No)

Yes

Job Category

Information Technology

Work Shift

First (United States of America)

The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

Privacy Notice


Let us know

Help us maintain the quality of jobs posted on RemoteTechJobs and let us know if:

Loading...
Success
Error on reporting

Related jobs

DescriptionYour Role:Tenable is looking for an experienced Senior Software Engineer to join our Vulnerability Intelligence Feeds research team. This position will focus on the design, development, and maintenance of our framework of web scrapers, data normalizers, content generat

ProFocus ProFocus |
Today

TITLE: Software Development Engineer in Test - PythonLOCATION: REMOTEPAY: Target pay for this role is $120K-140K per year but may vary based on experienceENGAGEMENT TYPE: Direct HireWHAT YOU’LL BE DOINGThis is an experienced level Software Development Engineer in Test posit

US RemoteSophos LabsJob Requisition Number: AMLAB192Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today’s most advanced cyberthreats. Powered by threat inte

Sophos Sophos |
Yesterday

US RemoteSophos LabsJob Requisition Number: AMLAB192Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today’s most advanced cyberthreats. Powered by threat inte

Teramind is seeking a highly-experienced Data Scientist & ML Engineer. There is no minimum education required for this position, but candidates should have 5+ years of advanced experience working with big data and ML. Promising candidates will go through a rigorous interview

More jobs by this company

Federal Reserve Bank of Richmond Federal Reserve Bank of Richmond... |
30 d ago

CompanyFederal Reserve Bank of RichmondThe Richmond Fed is the proud home of the Federal Reserve’s National IT organization—a nationwide team delivering technology solutions and support across the Federal Reserve System. Many National IT employees are located in Richm