This position is designated as an Intermediate-level Access Network Operator (DCWF Work Role 321) and is not designated as Key Personnel. The individual performs independent penetration testing and red team operations in support of OPTEVFOR Cyber Operational Test & Evaluation (OT&E) activities. The role supports cyber survivability assessments across planning, preparation, execution, and post-test phases and provides technical direction to basic-level operators when required.

Qualifications

The Intermediate Access Network Operator must meet all qualification requirements of a Basic Access Network Operator in addition to the following:

Offensive Security Certified Professional (OSCP) or equivalent offensive cybersecurity certification
Minimum of three (3) years of experience performing penetration testing, red teaming, and/or exploitation development
Proficiency with multiple offensive cyber tools, including:
- Metasploit
- Cobalt Strike
- Core Impact
- Burp Suite
- Nessus
- SharpHound
Demonstrated ability to detect malicious program activity using dynamic analysis techniques
Ability to independently plan and execute penetration testing and red team activities to accomplish assigned test objectives

Key Responsibilities

Policy, Procedures, and Tooling

Become proficient in OPTEVFOR Cyber T&E CONOPS, SOPs, policies, and guidance
Maintain and contribute to the development of 01D SOPs and technical documentation supporting DCAT authorization in accordance with DoDI 8585.01
Research, review, prioritize, and submit operational requirements for acquisition of cyber tools and capabilities in accordance with the 01D tool approval process
Support development and execution of tactics, techniques, and procedures (TTPs) for penetration testing and red team operations
Research adversary cyber actors’ TTPs, organizational structures, capabilities, personas, and operating environments and integrate findings into cyber survivability test planning and execution

Test Planning

Participate in OPTEVFOR cyber test planning activities, including:
- Conducting open-source research and reviewing system-under-test (SUT) documentation to understand mission, architecture, interfaces, and critical components
- Identifying attack surfaces and threat vectors
- Participating in cyber test planning meetings
- Guiding development of cyber test objectives
- Reviewing test plans to ensure objectives are feasible and executable
- Participating in test planning site visits

Test Preparation

Support preparation activities for cyber OT&E events, including:
- Participation in site pre-test coordination visits and delivery of test site in-briefs
- Reviewing approved test plans
- Adding relevant artifacts and research to the test library
- Conducting in-depth SUT research and presenting findings to the red team
- Preparing OPTEVFOR Red Team (OPTEV-RT) test assets

Test Execution

Execute assigned cyber test events, including Cooperative Vulnerability Penetration Assessments, Adversarial Assessments, and Cyber Tabletop exercises, in support of Operational Testing, Developmental Testing, risk reduction efforts, and other assigned events
Employ OPTEVFOR-provided and NAO-approved commercial and open-source cyber assessment tools, including:
- Core Impact, Nmap, Burp Suite, Metasploit, Nessus
Apply ethical hacking techniques to exploit discovered vulnerabilities and misconfigurations across:
- Operating systems (Windows, Linux, Unix)
- Network protocols and services (HTTP, FTP, DNS, PKI, HTTPS)
Execute testing activities independently and provide technical guidance and oversight to Basic-level operators
Ensure all testing is conducted safely, in accordance with approved test plans and OPTEVFOR policies
Adhere to JFHQ-DoDIN deconfliction procedures
Verify accuracy and completeness of collected test data

Post-Test and Continuous Improvement

Participate in the post-test iterative process, including development of deficiency and risk documentation
Document test execution lessons learned and support continuous improvement initiatives
Generate and update documentation required to maintain DCAT authorization in accordance with DoDI 8585.01
Participate in capture-the-flag events, cyber off-sites, red team huddles, and technical exchange meetings; develop supporting products and materials
Attend OPTEVFOR-required meetings in support of OT&E activities

DCWF Knowledge, Skills, Abilities, and Tasks (KSATs)

In addition to meeting all KSAT requirements for a Basic Access Network Operator, the Intermediate operator demonstrates the following:

Skills

Assessing existing tools to identify capability gaps and improvement opportunities
Testing and evaluating cyber tools for operational implementation
Knowledge management and technical documentation (e.g., wiki-based documentation)
Processing exfiltrated data for analysis and dissemination
Evaluating and validating locally developed tools for operational use

Knowledge

Active defense methodologies and system hardening techniques
Encryption algorithms and cyber tools (e.g., TLS, PGP)
Evasion strategies and exploitation techniques
Forensic implications of operating system structures and processes
Host-based security products and their impact on exploitation
Network administration, construction, and topology
Security hardware and software options and their effects on exploitation artifacts
Security implications of software configurations
Digital forensics fundamentals to extract actionable intelligence
Cryptologic capabilities, limitations, and contributions to cyber operations
Unix/Linux and Windows operating system internals (process management, directory structures, installed applications)
Network collection procedures, including decryption techniques and tools

GCA is a minority veteran owned small business providing solutions to customer requirements in every realm of the intelligence and information technology industries to include, imagery/intelligence analysis, related systems engineering and administration, operations and maintenance, networking and VTC services.

GCA is committed to a safer tomorrow. The challenges facing our Nation and the World grow ever more complex and require the highest level of dedication, integrity, and service. These core values are the backbone GCA builds upon to provide our customers with exceptional service within the dynamic intelligence community and ever changing Information Technology sector.

(if you already have a resume on Indeed)

Or apply here.

* required fields

First Name*

Last Name*

Email*

Phone*

Yes, Text Me!

I consent to receiving text messages about this hiring process and, if hired, future job related information from Geospatial And Cloud Analytics Inc.

Message and data rates may apply. Message frequency varies. Reply STOP to opt out. Reply HELP for help. See our User Terms of Service and Privacy Policy for details.

Get faster updates with texting!

Message and data rates may apply. Message frequency varies. Reply STOP to opt out. Reply HELP for help. See our User Terms of Service and Privacy Policy for details.

Location

Address

City

States

ZIP Code

Resume/CV *

Type/Paste Text

Cover Letter

Type/Paste Text

Recent Job Title

Recent Employer

Do you currently hold an active Offensive Security Certified Professional (OSCP) or equivalent certification?*

I was referred to this position by a current employee

Who referred you?

Paid Time off that includes 10 federal holidays and 15 additional days.

Bereavement Leave & Parental Leave

PTO Cash out

Company Paid STD and LTD

Life and AD&D Insurance

Employee referral program

Medical, Prescription, Dental, and Vision Coverage

401k Savings and company match

Intermediate Red Team Operator

Or apply here.

Yes, Text Me!

Get faster updates with texting!