More jobs:
Senior Cyber Security Engineer/CSET Team Security Clearance
Job in
Patuxent River, St. Mary's County, Maryland, 20670, USA
Listed on 2026-07-09
Listing for:
Scientific Research Corporation
Full Time
position Listed on 2026-07-09
Job specializations:
-
IT/Tech
Cybersecurity
Job Description & How to Apply Below
Location: Patuxent River
Salary statement estimated starting salary range: usd $/yr.
- usd $/yr. Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, and alignment with market data. Description
* performing as a member of cyber security evaluation team (cset) providing guidance and subject matter expertise to government personnel
* supporting offensive security/red team/adversarial emulation testing
* executing red team engagements in a variety of networks using real-world adversarial tactics, techniques, and procedures (ttps) from conception to report delivery
* developing comprehensive security testing strategies and programs to provide assurance that security controls are designed and operating effectively
* working independently but collaborate with cross-functional to provide security engineering consulting and control design recommendations to reduce risk
* conducting open-source intelligence gathering, network vulnerability scanning, exploitation of vulnerable services, lateral movement, install persistence in a target network(s), and manage c2 infrastructure
* systematically analyzing each component of an application with the intent of locating programming flaws that could be leveraged to compromise the software through source code review or reverse engineering
* developing payloads, scripts and tools that weaponize new proof-of-concepts for exploitation, evasion, and lateral movement
* safely utilize attacker tools, tactics, and procedures when in sensitive environments/devices
* evading edr devices such as windows defender and carbon black to avoid detection by defenders/behavioral based alerting in order to further the engagement objectives
* demonstrating expertise in the following: active directory, software development, incident response, or cloud infrastructure
* carefully document and log all exploitation activities
* documenting identified vulnerabilities and researching corrective/remediation actions in order to recommend a risk mitigation technique(s)
* demonstrating new vulnerabilities and assist network defenders (blue team) with the refinement of detection capabilities
* maintaining knowledge of applicable red team policies, standing ground rules, regulations, and compliance documents
* communicating effectively with team members especially during an engagement
* ability to think unconventionally in order to develop adversarial ttps
* keeping current with ttps and the latest offensive security techniques #li-dh1 requirements
* bachelor's degree with a focus in computer science, computer information systems, engineering, mathematics, management information systems, cybersecurity, cyber operations, or a related discipline with corresponding experience and demonstrated mastery of relevant computer science topics
* 7+ years of cyber adversarial emulation experience, to include penetration testing of modern windows and linux operating systems, ip-based networks and protocols, 802.11 networks, and/or web applications, hardware hacking, software defined networks/rf
* intermediate knowledge of known advanced persistent threat (apt) actor techniques, tactics, and procedures (ttps), to include familiarity with terminology from mitre att&ck® used to describe ttps used in cyber attacks
* intermediate knowledge of techniques and tools used for exploit development of common operating systems, software debugging, and application fuzzing
* intermediate knowledge of tools and techniques used for incident response, reverse engineering, and digital forensics
* superior oral communication skills, including the ability to project confidence and enthusiasm, in the following core areas: formal presentations; soliciting goals and requirements from range users; explaining adversarial emulation in the context of testing and training events; effectively communicating event and environment requirements to cset members; explaining cost estimates based on estimated levels of cset effort; managing expectations as relevant to cset ttps;
and explaining technical nuances and significant attributes of advanced cyber attacks to non-cyber-savvy audiences
* superior technical writing skills, including the ability to author, review, and provide input and feedback to documents drafted by cset personnel, as well as the ability to create persuasive and impactful technical briefing materials as relevant to range training and test events
* ability to work independently and to collaborate with range and event leadership, cset team members, users, and other event stakeholders
* required/maintain iat level ii or iam level ii 8570 certifications
* in addition to meeting the applicable cyber security workforce (cswf) requirements for computer network defenders (cnd) auditors (dod 8570) or vulnerability assessment analysts (secnav 5239.2), cset members must obtain one or more of the following vendor certifications within 6 months of being hired:
* offensive security certified professional…
Position Requirements
10+ Years
work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×