STS Systems Support, LLC (SSS) is a government consulting and contracting firm supporting federal agencies and military installations across the U.S. We are seeking a Cyber Threat Emulation & Analyst at Lackland AFB in San Antonio, TX.
What You'll Do: - Conduct both automated and manual enterprise vulnerability assessments, including conducting regular patch & configuration vulnerability assessments as directed by operational flight leads.
- Conduct Cyber Threat Emulation operations, and coordinate with security teams to strengthen the overall security posture of the AFNet and AFIN various tools and capabilities.
- Test for real-time security vulnerabilities, conduct assessments, and assess vulnerability risk and impact.
- Continuously develop and maintain safe and valid procedures to actively test Enterprise defensive measures. (CDRL A007 & A008)
- Develop mitigations, policies, and procedures to coordinate with internal teams. (CDRL A007)
- Work with incident response team to develop response policies and procedures.
- Generate threat intelligence indicators during the course of Cyber Threat Emulation operations and provide reports back to operators. (CDRL A008)
- Coordinate with internal and external intelligence teams in order to replicate threat actor (TA) Techniques, Tactics, and Procedures (TTPs).
- Research & Evaluate threats and vulnerabilities to assist in the prioritization of remediation actions.
- Utilize knowledge and understanding of the Cyber Threat Framework (ODNI) and production of Threat Emulation findings.
- Utilize the MITRE ATT&CK framework to perform cyber security operations testing, and develop improvements based upon adversary behavior.
- Formulate, lead and persuade individuals, large teams and communities on ideas, concepts, and opportunities.
- Leverage research, frameworks, and best practices on the latest exploits and security trends and currency on industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures. (CDRL A002)
- Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.
- Create, document, and report metrics for analysis to improve weapon system processes and mission execution. (CDRL A009).
- Provide information to operational leaderships tasking as required as it relates to CTE actions
What You Bring:Requirements:- DoDD 8570.01-M/8140.01 I AT Level III CND
- Active TS/SCI
- Five years' of penetration testing experience. BA/BS or MA/MS
- Five (5) years of penetration testing experience.
- Demonstrated advanced knowledge of cyber security operations with master of two or more of the following: attack surface management, Security Operations Center (SOC) operations, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) use, threats (including Advanced Persistent Threat (APT), insider), vulnerabilities, and exploits; incident response, investigations and remediation.
- Experience with PowerShell, BASH or Python scripting/programming language.
- Must have a strong understanding of Linux Operating System.
- Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects)
What We Offer:STS Systems Support, LLC (SSS) offers a competitive benefits package to include paid holidays, paid time off including sick and vacation leave, medical, dental and vision insurance, flexible spending accounts, short and long term disability, company paid life insurance, 401(k) with a company match and discretionary profit sharing and tuition reimbursement.
