Senior Red Team Operator/Penetration Tester

03 Aug 2024

Vacancy expired!

Company Federal Reserve Bank of Richmond

When you join the Federal Reserve-the nation's central bank-you'll play a key role, collaborating with leading tech professionals to strengthen and protect our economic, financial and payments systems. We dedicate more than $1 billion to technology each year to support the Federal Reserve and our economy, and we're building a dynamic and diverse team for our future.

Bring your passion and expertise, and we'll provide the opportunities that will challenge you and propel your growth-along with a wide range of benefits and perks that support your health, wealth, and life. In addition to competitive compensation, we offer a comprehensive benefits package that includes tuition assistance, generous paid time off, top-notch health care benefits, child and family care leave, professional development opportunities, a 401(k) match, pension, and more. All brought together in a flexible work environment where you can truly find balance

Want to learn more about our culture? Hear what our employees have to say about Life at the Richmond Fed by visiting our #MyRichmondFed , and learn more about our Commitment to Diversity & Inclusion by visiting Careers at the Richmond Fed .

Thanks to the work of all our employees, the Federal Reserve Bank of Richmond has received Great Place to Work® and Active RVA Workplace certifications, and been recognized for our award-winning culture by being named Best Place to Work for LGBTQ Equality and 2022 Division on Career Development and Transition's (DCDT) Employer of the Year .

About the Opportunity

Our National IT Office of the Chief Information Security Officer's (OCISO) National Incident Response Team (NIRT), a national service provider for the Federal Reserve System (FRS), delivers effective and efficient national intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for the FRS. NIRT's mission is to play a leading role in the FRS' efforts to protect its information systems against unauthorized use.

NIRT's Adversary Emulation team has an immediate opening for a Red Team Operator to be a key participant on a variety of engagements and projects that will target and evaluate the cyber security posture of people, processes, and technology within the FRS.

As a Red Team Operator, you will have the opportunity to combine your technical expertise with your imagination to discover innovative methods for ensuring that the FRS remains one step ahead of its adversaries around the world.

Reporting to the Manager- Adversary Emulation, you will work on a team of security professionals focused on enabling business initiatives by using automated and hands-on tools that simulate attacker tactics, techniques and procedures (TTPs) to perform security assessments against people, processes, and technologies. You will perform assessments for new and existing services, infrastructure, and applications to identify weaknesses before an attacker does by using a variety of tools and techniques including penetration testing, red teaming, purple teaming, and social engineering.

What You Will Do
  • Strengthen FRS security posture through offensive security assessments and lead assessment activities including the identification and exploitation of vulnerabilities across the System
  • Leverage offensive security experience to coordinate the execution of cybersecurity solutions to benefit security engagements and mitigate cyber threats
  • Improve operational efficiency by building and evaluating workflow processes, procedures, checklists, automation and tooling
  • Enable success of security initiatives by overseeing initial project development surrounding security or technology capabilities and creating operations-based documentation
  • Advise clients on best practices and how to implement changes to securely address complex business needs
  • Propose cross-team initiatives to implement cybersecurity improvements for recognized gaps
  • Grow security capabilities to defend the FRS by working with internal and external stakeholders to develop strategies and plans to enforce security requirements
  • Identify and prioritize key risk areas balancing business risk and cyber threats via research of industry trends and business partner missions
  • Lead and execute technical security assessments to identify risk, likelihood and impact an attacker may have on the System due to weak or missing controls

Preferred experience we're looking for:
  • 5 - 9 years of relevant information security related work experience in areas such as: computer network defense, computer network exploitation and post-exploitation
  • Bachelor's Degree or equivalent experience
  • Experienced in all phases of adversary emulation operations including reconnaissance, social engineering, exploitation, post-exploitation, covert techniques, lateral movement, and data exfiltration
  • Experienced in offensive cybersecurity roles, such as malware development, red teaming, penetration testing (e.g., web, infrastructure, cloud), purple team exercises in cloud and on-prem environments
  • Accomplished with scripting/programming of Python, PowerShell, or C# with the ability to create and customize tools
  • The following certifications are highly preferred: GPEN, GWAPT
  • Team player with interpersonal, collaborative and consultative skills
  • Experience managing client relationships, including determining needs, managing expectations, and demonstrating commitment to delivering quality results

Discover the Reason Why So Many People Love It Here!

When you join Federal Reserve's National IT organization, not only will you find a challenging and purposeful career, you'll also have access to a wide range of benefits and perks that support your health and wealth, including:
  • Great medical benefits
  • Pension and 401(k) with employer match
  • Paid time off
  • Tuition reimbursement
  • Employee resource networks
  • Paid volunteer leave
  • Flexible work options
  • Onsite amenities that make working here fun!

Other Requirements and Considerations:
  • A requirement of this position is that the employee must be fully vaccinated against COVID-19; individuals who are unable to be vaccinated due to a medical condition or sincerely held religious belief may request an accommodation from the Bank.
  • Candidates should review the Bank's Employee Code of Conduct to ensure compliance with conflict of interest rules and personal investment restrictions.
  • If you need assistance or an accommodation due to a disability, please notify rich.recruitment@rich.frb.org.
  • By federal law, the candidate hired for this position must able to obtain and maintain a National Security Clearance. Ability to obtain a clearance requires US Citizenship.
  • The national salary range is $111,800 - $153,600. Salary adjustments may be made for the following markets - New York/New Jersey/San Francisco, Chicago/Philadelphia, Boston, Seattle/Los Angeles.
  • Salary offered will be based on the job responsibilities and the individual's knowledge, skills, and experience as defined in the job qualifications/experience.

#FRB123

Full Time / Part Time Full time

Regular / Temporary Regular

Job Exempt (Yes / No) Yes

Job Category Analytical, Information Technology

Work Shift First (United States of America)

The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

Privacy Notice

  • ID: #44563419
  • State: California Sanfrancisco 94102 Sanfrancisco USA
  • City: Sanfrancisco
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2022-08-03
  • Deadline: 2022-10-01
  • Category: Et cetera