{"schemaVersion":"jobsearcher.job.v1","id":"32ccbf45719b01e4a2cd647f","url":"https://jobsearcher.com/jobs/32ccbf45719b01e4a2cd647f","canonicalUrl":"https://jobsearcher.com/jobs/32ccbf45719b01e4a2cd647f","title":"Intermediate Red Team Operator","description":"This position is designated as an Intermediate-level Access Network Operator (DCWF Work Role 321) and is not designated as Key Personnel. The individual performs independent penetration testing and red team operations in support of OPTEVFOR Cyber Operational Test & Evaluation (OT&E) activities. The role supports cyber survivability assessments across planning, preparation, execution, and post-test phases and provides technical direction to basic-level operators when required.\n\nQualifications\nThe Intermediate Access Network Operator must meet all qualification requirements of a Basic Access Network Operator in addition to the following:\nOffensive Security Certified Professional (OSCP) or equivalent offensive cybersecurity certification\nMinimum of three (3) years of experience performing penetration testing, red teaming, and/or exploitation development\nProficiency with multiple offensive cyber tools, including:\nMetasploit\nCobalt Strike\nCore Impact\nBurp Suite\nNessus\nSharpHound\nDemonstrated ability to detect malicious program activity using dynamic analysis techniques\nAbility to independently plan and execute penetration testing and red team activities to accomplish assigned test objectives\nKey Responsibilities\nPolicy, Procedures, and Tooling\nBecome proficient in OPTEVFOR Cyber T&E CONOPS, SOPs, policies, and guidance\nMaintain and contribute to the development of 01D SOPs and technical documentation supporting DCAT authorization in accordance with DoDI 8585.01\nResearch, review, prioritize, and submit operational requirements for acquisition of cyber tools and capabilities in accordance with the 01D tool approval process\nSupport development and execution of tactics, techniques, and procedures (TTPs) for penetration testing and red team operations\nResearch adversary cyber actors’ TTPs, organizational structures, capabilities, personas, and operating environments and integrate findings into cyber survivability test planning and execution\nTest Planning\nParticipate in OPTEVFOR cyber test planning activities, including:\nConducting open-source research and reviewing system-under-test (SUT) documentation to understand mission, architecture, interfaces, and critical components\nIdentifying attack surfaces and threat vectors\nParticipating in cyber test planning meetings\nGuiding development of cyber test objectives\nReviewing test plans to ensure objectives are feasible and executable\nParticipating in test planning site visits\nTest Preparation\nSupport preparation activities for cyber OT&E events, including:\nParticipation in site pre-test coordination visits and delivery of test site in-briefs\nReviewing approved test plans\nAdding relevant artifacts and research to the test library\nConducting in-depth SUT research and presenting findings to the red team\nPreparing OPTEVFOR Red Team (OPTEV-RT) test assets\nTest Execution\nExecute assigned cyber test events, including Cooperative Vulnerability Penetration Assessments, Adversarial Assessments, and Cyber Tabletop exercises, in support of Operational Testing, Developmental Testing, risk reduction efforts, and other assigned events\nEmploy OPTEVFOR-provided and NAO-approved commercial and open-source cyber assessment tools, including:\nCore Impact, Nmap, Burp Suite, Metasploit, Nessus\nApply ethical hacking techniques to exploit discovered vulnerabilities and misconfigurations across:\nOperating systems (Windows, Linux, Unix)\nNetwork protocols and services (HTTP, FTP, DNS, PKI, HTTPS)\nExecute testing activities independently and provide technical guidance and oversight to Basic-level operators\nEnsure all testing is conducted safely, in accordance with approved test plans and OPTEVFOR policies\nAdhere to JFHQ-DoDIN deconfliction procedures\nVerify accuracy and completeness of collected test data\nPost-Test and Continuous Improvement\nParticipate in the post-test iterative process, including development of deficiency and risk documentation\nDocument test execution lessons learned and support continuous improvement initiatives\nGenerate and update documentation required to maintain DCAT authorization in accordance with DoDI 8585.01\nParticipate in capture-the-flag events, cyber off-sites, red team huddles, and technical exchange meetings; develop supporting products and materials\nAttend OPTEVFOR-required meetings in support of OT&E activities\nDCWF Knowledge, Skills, Abilities, and Tasks (KSATs)\nIn addition to meeting all KSAT requirements for a Basic Access Network Operator, the Intermediate operator demonstrates the following:\n\nSkills\nAssessing existing tools to identify capability gaps and improvement opportunities\nTesting and evaluating cyber tools for operational implementation\nKnowledge management and technical documentation (e.g., wiki-based documentation)\nProcessing exfiltrated data for analysis and dissemination\nEvaluating and validating locally developed tools for operational use\nKnowledge\nActive defense methodologies and system hardening techniques\nEncryption algorithms and cyber tools (e.g., TLS, PGP)\nEvasion strategies and exploitation techniques\nForensic implications of operating system structures and processes\nHost-based security products and their impact on exploitation\nNetwork administration, construction, and topology\nSecurity hardware and software options and their effects on exploitation artifacts\nSecurity implications of software configurations\nDigital forensics fundamentals to extract actionable intelligence\nCryptologic capabilities, limitations, and contributions to cyber operations\nUnix/Linux and Windows operating system internals (process management, directory structures, installed applications)\nNetwork collection procedures, including decryption techniques and tools","company":"Geospatial Cloud Analytics","rawCompany":"geospatial cloud analytics","city":"Norfolk","state":"VA","isRemote":false,"isActive":false,"createdAt":"2026-04-14T10:41:31.795Z","occupations":[{"code":"15-1299.04","title":"Penetration Testers","slug":"penetration-testers"},{"code":"15-1212.00","title":"Information Security Analysts","slug":"information-security-analysts"},{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"541519","title":"Other Computer Related Services","slug":"other-computer-related-services"},{"code":"928110","title":"National Security","slug":"national-security"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"Intermediate Red Team Operator","description":"This position is designated as an Intermediate-level Access Network Operator (DCWF Work Role 321) and is not designated as Key Personnel. The individual performs independent penetration testing and red team operations in support of OPTEVFOR Cyber Operational Test & Evaluation (OT&E) activities. The role supports cyber survivability assessments across planning, preparation, execution, and post-test phases and provides technical direction to basic-level operators when required.\n\nQualifications\nThe Intermediate Access Network Operator must meet all qualification requirements of a Basic Access Network Operator in addition to the following:\nOffensive Security Certified Professional (OSCP) or equivalent offensive cybersecurity certification\nMinimum of three (3) years of experience performing penetration testing, red teaming, and/or exploitation development\nProficiency with multiple offensive cyber tools, including:\nMetasploit\nCobalt Strike\nCore Impact\nBurp Suite\nNessus\nSharpHound\nDemonstrated ability to detect malicious program activity using dynamic analysis techniques\nAbility to independently plan and execute penetration testing and red team activities to accomplish assigned test objectives\nKey Responsibilities\nPolicy, Procedures, and Tooling\nBecome proficient in OPTEVFOR Cyber T&E CONOPS, SOPs, policies, and guidance\nMaintain and contribute to the development of 01D SOPs and technical documentation supporting DCAT authorization in accordance with DoDI 8585.01\nResearch, review, prioritize, and submit operational requirements for acquisition of cyber tools and capabilities in accordance with the 01D tool approval process\nSupport development and execution of tactics, techniques, and procedures (TTPs) for penetration testing and red team operations\nResearch adversary cyber actors’ TTPs, organizational structures, capabilities, personas, and operating environments and integrate findings into cyber survivability test planning and execution\nTest Planning\nParticipate in OPTEVFOR cyber test planning activities, including:\nConducting open-source research and reviewing system-under-test (SUT) documentation to understand mission, architecture, interfaces, and critical components\nIdentifying attack surfaces and threat vectors\nParticipating in cyber test planning meetings\nGuiding development of cyber test objectives\nReviewing test plans to ensure objectives are feasible and executable\nParticipating in test planning site visits\nTest Preparation\nSupport preparation activities for cyber OT&E events, including:\nParticipation in site pre-test coordination visits and delivery of test site in-briefs\nReviewing approved test plans\nAdding relevant artifacts and research to the test library\nConducting in-depth SUT research and presenting findings to the red team\nPreparing OPTEVFOR Red Team (OPTEV-RT) test assets\nTest Execution\nExecute assigned cyber test events, including Cooperative Vulnerability Penetration Assessments, Adversarial Assessments, and Cyber Tabletop exercises, in support of Operational Testing, Developmental Testing, risk reduction efforts, and other assigned events\nEmploy OPTEVFOR-provided and NAO-approved commercial and open-source cyber assessment tools, including:\nCore Impact, Nmap, Burp Suite, Metasploit, Nessus\nApply ethical hacking techniques to exploit discovered vulnerabilities and misconfigurations across:\nOperating systems (Windows, Linux, Unix)\nNetwork protocols and services (HTTP, FTP, DNS, PKI, HTTPS)\nExecute testing activities independently and provide technical guidance and oversight to Basic-level operators\nEnsure all testing is conducted safely, in accordance with approved test plans and OPTEVFOR policies\nAdhere to JFHQ-DoDIN deconfliction procedures\nVerify accuracy and completeness of collected test data\nPost-Test and Continuous Improvement\nParticipate in the post-test iterative process, including development of deficiency and risk documentation\nDocument test execution lessons learned and support continuous improvement initiatives\nGenerate and update documentation required to maintain DCAT authorization in accordance with DoDI 8585.01\nParticipate in capture-the-flag events, cyber off-sites, red team huddles, and technical exchange meetings; develop supporting products and materials\nAttend OPTEVFOR-required meetings in support of OT&E activities\nDCWF Knowledge, Skills, Abilities, and Tasks (KSATs)\nIn addition to meeting all KSAT requirements for a Basic Access Network Operator, the Intermediate operator demonstrates the following:\n\nSkills\nAssessing existing tools to identify capability gaps and improvement opportunities\nTesting and evaluating cyber tools for operational implementation\nKnowledge management and technical documentation (e.g., wiki-based documentation)\nProcessing exfiltrated data for analysis and dissemination\nEvaluating and validating locally developed tools for operational use\nKnowledge\nActive defense methodologies and system hardening techniques\nEncryption algorithms and cyber tools (e.g., TLS, PGP)\nEvasion strategies and exploitation techniques\nForensic implications of operating system structures and processes\nHost-based security products and their impact on exploitation\nNetwork administration, construction, and topology\nSecurity hardware and software options and their effects on exploitation artifacts\nSecurity implications of software configurations\nDigital forensics fundamentals to extract actionable intelligence\nCryptologic capabilities, limitations, and contributions to cyber operations\nUnix/Linux and Windows operating system internals (process management, directory structures, installed applications)\nNetwork collection procedures, including decryption techniques and tools","datePosted":"2026-04-14T10:41:31.795Z","dateModified":"2026-04-14T10:41:31.795Z","hiringOrganization":{"@type":"Organization","name":"Geospatial Cloud Analytics","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Norfolk","addressRegion":"VA","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"32ccbf45719b01e4a2cd647f"},"url":"https://jobsearcher.com/jobs/32ccbf45719b01e4a2cd647f"}}