Epicareer Might not Working Properly
Learn More
Please Turn on your JavaScript

Epicareer might not working properly because your browser javascript is turned off.

What is JavaScript?

JavaScript is like the magic behind making websites interactive. Basically, it makes Epicareer more enjoyable and engaging.
How do i turn this on?
Find tutorial for your browser below :
  1. Make sure the webpage is open.
  2. In the Safari app on your Mac, choose Safari > Preferences, then click Security.
  3. Make sure the Enable JavaScript checkbox is selected.
  4. Click Websites.
  5. On the left, click Content Blockers.
  6. Make sure Off is chosen in the pop-up menu next to the website.
  7. On the left, click Pop-up Windows.
  8. Make sure Allow is chosen in the pop-up menu next to the website.
Visit Site here
  1. Open Chrome on your computer.
  2. Click. then Settings.
  3. Click Privacy and Security.
  4. Click Site settings.
  5. Click JavaScript.
  6. Select Sites can use Javascript.
Visit Site here
  1. If you're running Windows OS, in the Firefox window, click Tools > Options.
  2. Tip: If you're running Mac OS, click the Firefox drop-down list > Preferences.
  3. On the Content tab, click the Enable JavaScript check box.
Visit Site here
  1. Click the "Settings and more" icon at the top right of the Edge browser window.
  2. Click Settings.
  3. From the Settings menu, click Cookies and site permissions.
  4. Scroll down and click on JavaScript.
  5. In the JavaScript window, toggle the slider to "on" or "allowed."
  6. Close the Settings tab.
  7. Refresh the page.
Visit Site here
  1. Go to Settings.
  2. Click Advanced in the left sidebar, and click Privacy & security.
  3. Under Privacy and security, click Site settings.
  4. Click JavaScript.
  5. At the top, turn on or off Allowed (recommended).
Visit Site here
Any Question? Contact us
logo
Jobs or company...

Senior Cyber Security Engineer

  • Full Time, onsite
  • Scientific Research Corporation
  • On Site, United States of America
Salary undisclosed

Apply on

Dice
Original
Simplified
Job Description

PRIMARY DUTIES & RESPONSIBILITIES:
  • Oversee CSET Team operators and provide guidance and subject matter expertise to government personnel
  • Support offensive security/red team/adversarial emulation testing
  • Execute Red Team engagements in a variety of networks using real-world adversarial Tactics, Techniques, and Procedures (TTPs) from conception to report delivery
  • Develop comprehensive security testing strategies and programs across NCRC-U to provide assurance that security controls are designed and operating effectively
  • Develop innovative accelerators, tools, mechanisms, and processes to enhance the security team's velocity and scale to customer needs
  • Facilitate multiple stakeholders to agree on appropriate solutions and verify that risks are mitigated appropriately. Demonstrate creativity, insight, intellectual flexibility, and sound business judgment throughout the process
  • Work independently but collaborate with cross-functional to provide security engineering consulting and control design recommendations to reduce risk
  • Conduct open-source intelligence gathering, network vulnerability scanning, exploitation of vulnerable services, lateral movement, install persistence in a target network(s), and manage C2 infrastructure
  • Systematically analyze each component of an application with the intent of locating programming flaws that could be leveraged to compromise the software through source code review or reverse engineering
  • Develop payloads, scripts and tools that weaponize new proof-of-concepts for exploitation, evasion, and lateral movement
  • Safely utilize attacker tools, tactics, and procedures when in sensitive environments/devices
  • Evade EDR devices such as Windows Defender and Carbon Black to avoid detection by Defenders/behavioral based alerting in order to further the engagement objectives
  • Demonstrate expertise in one of the following: Active Directory, Software Development, Incident Response, or Cloud Infrastructure
  • Carefully document and log all exploitation activities
  • Continually exercise situational awareness in order quickly identify any instances of cohabitation
  • Document identified vulnerabilities and research corrective/remediation actions in order to recommend a risk mitigation technique(s)
  • Demonstrate new vulnerabilities and assist Network Defenders (Blue Team) with the refinement of detection capabilities
  • Maintain knowledge of applicable Red Team policies, Standing Ground Rules, regulations, and compliance documents
  • Communicate effectively with team members and during an engagement
  • Ability to think unconventionally in order to develop adversarial TTPs
  • Keep current with TTPs and the latest offensive security techniques


Requirements

MINIMUM SKILLS & REQUIREMENTS:
  • Bachelor's degree with a focus in computer science, computer information systems, engineering, mathematics, management information systems, cybersecurity, cyber operations, or a related discipline with corresponding experience and demonstrated mastery of relevant computer science topics
  • 5+ years of cyber adversarial emulation experience, to include penetration testing of modern Windows and Linux operating systems, IP-based networks and protocols, 802.11 networks, and/or web applications, hardware hacking, software defined networks/RF
  • 10+ years of experience in leading complex and technically diverse teams of cyber professionals (software developers, system administrators, penetration testers, incident responders, etc.)
  • Intermediate knowledge of known Advanced Persistent Threat (APT) actor Techniques, Tactics, and Procedures (TTPs), to include familiarity with terminology from Mitre ATT&CK used to describe TTPs used in cyber attacks
  • Intermediate knowledge of techniques and tools used for exploit development of common operating systems, software debugging, and application fuzzing
  • Intermediate knowledge of tools and techniques used for incident response, reverse engineering, and digital forensics
  • Superior oral communication skills, including the ability to project confidence and enthusiasm, in the following core areas: formal presentations; soliciting goals and requirements from range users; explaining adversarial emulation in the context of testing and training events; effectively communicating event and environment requirements to CSET members; explaining cost estimates based on estimated levels of CSET effort; managing expectations as relevant to CSET TTPs; and explaining technical nuances and significant attributes of advanced cyber attacks to non-cyber-savvy audiences
  • Superior technical writing skills, including the ability to author, review, and provide input and feedback to documents drafted by CSET personnel, as well as the ability to create persuasive and impactful technical briefing materials as relevant to range training and test events
  • Ability to work independently and to collaborate with range and event leadership, CSET team members, users, and other event stakeholders
  • Required/Maintain IAT Level III or IAM Level III 8570 certifications include one or more of the following:
    • CASP+ CE
    • CCNP Security
    • CISA
    • GIAC Incident Handler (GCIH)
    • GIAC Certified Enterprise Defender (GCED)
    • CISM
    • GSLC
    • CCISO
    • Certified Information Systems Security Professional (CISSP)
  • In addition to meeting the applicable cyber security workforce (CSWF) requirements for Computer Network Defenders (CND) Auditors (DoD 8570) or Vulnerability Assessment Analysts (SECNAV 5239.2), CSET members must obtain one or more of the following vendor certifications within 6 months of being hired:
    • Offensive Security Certified Engineer (OSCE)
    • Offensive Security Certified Professional (OSCP)
    • GIAC Certified Exploit Researcher and Advanced Penetration Testers (GXPN)
    • Offensive Security Certified Engineer (OSCE3)

DESIRED SKILLS & REQUIREMENTS:
  • Master's degree with a focus in computer science or cybersecurity
  • 10+ years of experience supporting the execution of Department of Defense (DoD) offensive cyber operations (OCO) or defensive cyber operations (DCO) as a civilian, contractor, or uniformed personnel
  • Experience with operational training programs and qualification standards
  • Red Team, Computer Operator or Exploitation Analyst experience with Transportation Systems Management and Operations (TSMO), US Air Force, US Navy or National Security Agency (NSA) / Cyber Mission Force teams
  • Experience with OT, IoT, XIoT is a plus

SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT, THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS, A U.S. GOVERNMENT SECURITY CLEARANCE AT THE SECRET LEVEL

ABOUT US

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

Scientific Research Corporation offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

DIVERSITY & INCLUSION

We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers.

EQUAL OPPORTUNITY EMPLOYER

Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status.

Scientific Research Corporation endeavors to make accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

[#CJ #LI-DG1]
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job
Similar Jobs