Provide Cyber Threat Emulation (CTE) Services, which researches, develops, and employs the tactics, techniques, and procedures of cyber threat actors on operational and test networks in order to improve the detection and response capabilities of the customer cybersecurity technologies.
Knowledge of security compliance policy, programs, processes, and metrics.
Knowledge of Cyber Security and Information Protection and Privacy.
Excellent verbal and writing skills with the ability to write clear and concise assessment reports.
Knowledge of network and web architectures & technologies.
Familiarity with and understanding of current hacking techniques, vulnerability disclosures, and data breach incidents.
Versed in secure internetworking technologies, such as firewalls, intrusion detection systems, intrusion prevention systems and VPNs as they relate to the external security posture of a client organization.
Understanding of network switching and routing.
Have familiarity with penetration testing tools and tool suites.
Develops and uses scripts and utilities to automate assessment and analysis.
Familiarity with Open Web Application Security Project (OWASP), National Institute of Standards and Technology (NIST) Special Publications, and Open Source Security Testing Methodology Manual (OSSTMM).
Researches and evaluates new concepts and processes to improve performance.
Develops new concepts and processes.
Analyzes root causes and resolves issues.
Supports more junior level technicians and specialists in their activities.
Can perform all tasks of lower level technicians or specialists.
Works individually, actively participates on integrated teams, and may also lead a task, project or team
Requires guidance and direction from more expert level technicians, specialists, and managers only when dealing with new, uncertain situations.
Provides guidance to lower level technicians and specialists.