Cybersecurity Engineer

Dark Wolf is seeking a highly motivated and experienced Senior Cybersecurity Specialist to lead advanced threat detection, vulnerability assessment, and adversarial simulation initiatives. The ideal candidate will be an expert in adversarial Tactics, Techniques, and Procedures (TTPs) and possess a proven track record of designing and executing internal purple team exercises aligned to the MITRE ATT&CK framework. This role demands a deep understanding of the Dev Sec Ops  lifecycle, including secure cloud deployments and continuous Authority to Operate (cATO) processes, along with the ability to effectively communicate assessment results to internal and external customers.

You will be a critical part of a team dedicated to modernizing and securing software development and delivery capabilities for our clients.

• Leading and managing advanced security assessments, providing strategic guidance and oversight for the design, development, and execution of internal purple team exercises that align to the MITRE ATT&CK framework
• Driving the deployment of secure IT infrastructure and cybersecurity services, utilizing both commercial and open‑source security assessment tools to proactively address and remediate identified security gaps
• Serving as a primary consultant for strategic threat modeling, incorporating TTP libraries of key adversaries to identify methods to detect emerging cyber threats and evolving attack methods
• Acting as a key liaison and interacting with other Security and Engineering pillars to foster operational communication and collaborate on the ongoing cATO process for secure development
• Managing and producing high‑quality deliverables, including the thorough documentation of purple team assessment processes, results, and remediation efforts to provide clear status updates to stakeholders
• Demonstrating creative thinking and superior problem‑solving skills in complex environments, particularly when employing advanced forensic tools and techniques for attack reconstruction and post‑incident analysis
• Communicating in an organized, knowledgeable, and persuasive manner, both in written and verbal formats, ensuring quality assurance and the spreading of cybersecurity best practices across the organization
• Identifying and proactively addressing client security needs, displaying the ability to contribute to a resilient threat defense vision and effectively manage implementation efforts
• Managing and/or contributing significantly to project planning, execution, and reporting of incident responses, malware analysis, and vulnerability mitigation.

• 5+ years of experience in three or more specific areas to include: networking security, penetration testing tools, red teaming, vulnerability assessment tools, and SIEM threat detection
• Strong technical proficiency with cloud technology and deployments (Amazon Web Services, Microsoft Azure) and familiarity with container technologies, including container orchestration (Kubernetes) and microservices
• Proven experience conducting research and identifying methods to detect emerging cyber threats, attack methods, and evolving Tactics, Techniques, and Procedures (TTPs)
• Strong understanding of organizational threat modeling and the ability to map exercises and detection methods directly to the MITRE ATT&CK framework
• Proficiency with commercial and open‑source security assessment tools, along with a deep understanding of secure development practices and the cATO process
• Demonstrated strong written and verbal communication skills, with the ability to document complex technical assessment processes and results for internal and external customers
• DOD 8570 IAT 3 Compliance (e.g., CISSP, CASP+, or equivalent)
• US Citizenship and currently possess an active security clearance (clearable up to TS/SCI as required by client environments)

• OSCP, CEH, CISSP, CKS, GCIH, GPEN, or equivalent technical certifications
• Experience employing advanced forensic tools and techniques for attack reconstruction (including dead system analysis and volatile data collection/analysis) and familiarity with tools such as Wireshark, Fiddler,…