Amazon Offensive Security Jobs (NOW HIRING)

Overview:CDT is lookingfora Red Team Operator/ Cloud Penetration Testerto support a government customer onsite in Chantilly, VA. The ideal candidate possesses a deep understanding for information security, computer network operations, and cloud infrastructure, particularly with major cloud service providers including Amazon Web Services (AWS), IBM, Google Cloud, Microsoft Azure and Oracle Cloud. They should understand cloud specific concepts such as networking, identity and access management, console applications, and functions. A strong Penetration Testing and/or Red Team (Offensive Cybersecurity) background with the ability to apply tradecraft for application manipulation, exploit development, and real-world assessments aimed at identifying and exploiting misconfigurations and/or vulnerabilities in cloud infrastructure. Our mission is to help our client protect their most sensitive and valuable data through comprehensive adversary emulation testing. We strive to enable vulnerability remediation and mitigation in advance of adversary activity to enhance the security posture and safeguard data. Candidates with OSCP certification are highly recommended to apply.
Clearance:An active Top Secret/SCI with CI poly is required. Candidates who do not meet these requirements will not be considered.
Responsibilities:

• Perform threat-driven cloud penetration testing, red teaming, remediation activities, and effective enhancement of cyber defense
• Support joint-team operations with internal and external partners to evaluate new cloud services
• Assist full project lifecycle scoping, planning, execution, monitoring, and closing activities to include: scoping engagements, preparing documentation, building/enhancing operational infrastructure, testing and validating capabilities, leading assessments from kick-off through remediation, and completing after-action reports/lessons learned
• Adhering to established policies and rules of engagement (ROE), safely utilize offensive tools, tactics, and procedures in mission critical environments
• Develop scripts, tools, and/or methodologies to enhance assessment processes
• Communicate complex, technical challenges and findings to client stakeholders, management, and executive leaders
• Develop comprehensive, actionable, and accurate reports & accompanying presentations for both executive leaders and technical audiences

Qualifications:

• Two plus (2+) years' experience working in cloud environments (e.g., penetration testing, red team, assessment, engineering, & administration) with a strong understanding of cloud architecture and design
• Five plus (5+) years' experience and possesses strong knowledge of Offensive Cyber Security and Penetration Testing methodologies
• Proven experience using and testing automation tools (Terraform, Docker, Ansible, shell scripting, etc.)
• Thorough understanding of network protocols, data transmission, and covert channels
• Strong knowledge of Unix/Linux/Mac/Windows operating systems, inclusive of command-line interface (CLI) usage through Bash and PowerShell
• Experience working as a member of a multi-disciplinary team, promoting a collaborative culture to achieve success
• Ability to interface with customer stakeholders to clearly and concisely communicate the purpose and benefits of an assessment
• Ability to effectively document and communicate technical details to executive leaders and principal stakeholders regarding kill chains, stages, dependencies, and impacts
• Excellent verbal and written communication skills to effectively convey complex technical information to non-technical customers and stakeholders
• Major cloud platforms, including AWS, Azure, Google, IBM, and/or Oracle Cloud
• Container orchestration tools, particularly Kubernetes, for managing and deploying containerized applications in cloud environments
• Strong knowledge of cloud architecture, including IAM, VPC, Storage Containers, and Databases
• Cloud Services, including functions, logging, APIs, and native services
• Bachelor's Degree (Engineering, Computer Science, Cyber Security, or related field) +8 years; or relevant education/experience (High School +12 years; Associates +10 years; Masters/PhD +4 years)
• DoD 8140/8570 Professional Certification (required certification must be completed within six (6) months of start in the position)
• Cloud relevant certifications (Preferred)

Desired Qualifications:

• Incident Response, Incident Remediation, and Security Architecture experience
• Knowledge of cloud-based CI/CD products, such as AWS Code Pipeline, Azure DevOps, and GCP Cloud Build
• Knowledge of tools such as Terraform integrated with cloud-based CI/CD products
• Strong understanding of Offense Security principles and methodologies, with a focus on proactively identifying, testing, and addressing vulnerabilities in cloud environments to strengthen overall security posture

Why Join Cyber Defense Technologies?
At CDT, we offer a collaborative and inclusive work environment where your expertise in Cloud Red Teaming/ Penetration Testing will help shape the future of cybersecurity and engineering solutions.
Compensation and Benefits:

• Competitive salary based on experience.
• Comprehensive benefits package, including health, dental, and retirement plans.
• Opportunities for professional development and career advancement.

CDT is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity employer making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.
Apply Now:
If you are a proactive Red Team Operator/Cloud Penetration Tester and thrive in dynamic environments, we encourage you to apply and join the CDT team!