This job was posted by https://idahoworks.gov : For more information,
please see: https://idahoworks.gov/jobs/2195508
Technology Division, Cyber Security Operations Team
100% Remote (working EST)
About the Team:
The Cyber Security Operations team is critical to the strategic
foundation of our products, most notably the secure delivery of our new
Digital SAT and AP programs. We are a highly motivated group of cyber
security experts who take a proactive approach to ensuring a strong
security posture. We partner across the organization to mature our
Threat Management and Incident Response procedures and are constantly
seeking and experimenting with new technologies. We are currently using
a variety of cutting-edge tools that provide comprehensive cyber
security operations for the College Board's critical infrastructure in
support of the College Board's mission to connect students to college
success and opportunity. College Board is committed to creating an
inclusive environment where all team members feel valued, respected, and
supported in their work. We welcome individuals from diverse backgrounds
and experiences to join our team and contribute to our ongoing success.
About the Role
The College Board is seeking a Red Team Operator who will play a
critical role in strengthening our cybersecurity infrastructure. This
individual will validate the effectiveness of our security controls and
detection logic through offensive security operations and collaborative
purple teaming exercises. Leveraging their deep understanding of threat
actors, they will simulate potential cyber threats across our systems
while documenting their findings and methodologies. This will provide
invaluable insights into vulnerabilities and serve as a roadmap for
improving our security measures. The operator will also need to
communicate these results effectively to various stakeholders within the
organization, ensuring leadership is aware of the potential threats and
can take appropriate action to mitigate them. This work is crucial to
protecting the College Board from potential cyber-attacks and ensuring
the safety of our data.
In this role, you will:
- Conduct Offensive Cyber Security Operations: Execute covert
operations to assess the organization's security posture and
readiness against cyber threats.
- Perform Penetration Testing: Conduct comprehensive assessments
of the Digital Exam Player, web applications, and other systems
using both manual and automated testing techniques.
- Engage in Purple Teaming: Facilitate collaborative exercises
with internal Incident Response and Threat Hunt teams to enhance the
organization's defensive capabilities.
- Execute Multi-stage Attack Simulation: Coordinate with Red Team
members to simulate attacks, including initial access, privilege
escalation, lateral movement, and data exfiltration.
- Create Threat Mimicry: Mimic adversary tactics, techniques, and
procedures (TTPs) to assess defensive capabilities and identify
weaknesses.
- Conduct Security Control Evaluation: Evaluate the detection and
response capabilities of security controls, such as SIEM, EDR, and
network monitoring solutions.
- Investigate C2 Techniques: Research and integrate new C2
techniques and tools to evade detection and enhance operational
capabilities. Monitor and analyze C2 traffic for anomalies and
indicators of compromise (IOCs).
- Provide Technical Guidance: Provide technical expertise and
guidance to the VTM team on building custom scanning signatures and
techniques. Also, guide threat hunters on adversary behaviors,
attack techniques, and IOCs.
- Contribute to Culture Building: Foster a culture of
collaboration and continuous learning within all Cyber Operations
teams.
- Stay abreast of emerging threats and vulnerabilities affecting web
applications or endpoints and incorporate them into assessment
methodologies.
About you, you have:
- A bachelor's in computer science or equivalent work experience
- 7 years in IT, with 3 years in offensive security
- Experience in Red/Purple team exercises and penetration testing
- Proficiency in C2 frameworks (e.g., Cobalt Strike)
- Certifications like CEH, OSCP, GWAPT, Sec+, or GIAC preferred
- Familiarity with open-source/commercial offensive security tools,
and cloud-based attacker infrastructure deployment.
- Strong understanding of web application CWEs, OWASP Top 10, Threat
Intelligence, and Threat Profiling
- Experience with IDS/IPS, SIEM, network defense tools, DLP
technologies, network security architecture, and enterprise
anti-virus/malware solutions
- Proficiency with Burp Suite and testing Web Applications and APIs.
- Familiarity/experience with Electron framework preferred
- Ability to maintain discretion and integrity at all times
- Ability to work in the US without sponsorship
Our Benefits & Compensation:
College Board offers a strong compensation and benefits package that
attracts top talent looking to make a difference in e