POSITIONS CONTINGENT ON CONTRACT AWARD.

KBR is actively seeking skilled professionals across a variety of high-impact cybersecurity roles—from Incident Response and Cyber Hunt to Digital Forensics, Insider Threat, Continuous Monitoring, and Red/Blue Team Operations.

RED TEAM OPERATOR (COOPERATIVE RED/BLUE TEAM OPERATIONS)

Job Description:
The Red Team Operator is responsible for conducting simulated cyber attacks, penetration testing, and adversarial assessments to test and improve the cybersecurity defenses of NIWC CSSP and its subscribers. This role requires expertise in ethical hacking, attack emulation, and security bypass techniques to assess network resilience and provide actionable recommendations. The Red Team Operator will work closely with Blue Team defenders, Threat Intelligence analysts, and Incident Response tea…

Key Responsibilities:

• Plan and execute controlled cyber adversary attacks to test security defenses, monitoring capabilities, and incident response effectiveness.
• Develop and refine custom attack tools, scripts, and exploit payloads to simulate real-world cyber threats.
• Conduct network and web application penetration testing using manual and automated techniques.
• Perform adversarial assessments to evaluate CSSP security effectiveness against Advanced Persistent Threats (APTs).
• Leverage social engineering tactics such as phishing, spear-phishing, and pretexting to assess user awareness and susceptibility to attacks.
• Exploit vulnerabilities in network, cloud, and endpoint environments to gain persistence and escalate privileges.
• Use Red Team frameworks and tools such as Cobalt Strike, Metasploit, Empire, Covenant, BloodHound, Mimikatz, Burp Suite, and Kali Linux.
• Test the effectiveness of Blue Team detection mechanisms and provide recommendations for improved security monitoring.
• Develop and document Red Team Tactics, Techniques, and Procedures (TTPs) based on MITRE ATT&CK and industry best practices.
• Create after-action reports and remediation guidance for CSSP stakeholders to strengthen defenses.
• Maintain a Persistent Penetration Testing Network (PPTN) for ongoing security assessments.
• Participate in joint Red/Blue/Purple team exercises to enhance threat detection and response collaboration.
• Train and mentor junior Red Team members on attack methodologies and ethical hacking techniques.

• Plan and execute controlled cyber adversary attacks to test security defenses, monitoring capabilities, and incident response effectiveness.
• Develop and refine custom attack tools, scripts, and exploit payloads to simulate real-world cyber threats.
• Conduct network and web application penetration testing using manual and automated techniques.
• Perform adversarial assessments to evaluate CSSP security effectiveness against Advanced Persistent Threats (APTs).
• Leverage social engineering tactics such as phishing, spear-phishing, and pretexting to assess user awareness and susceptibility to attacks.
• Exploit vulnerabilities in network, cloud, and endpoint environments to gain persistence and escalate privileges.
• Use Red Team frameworks and tools such as Cobalt Strike, Metasploit, Empire, Covenant, BloodHound, Mimikatz, Burp Suite, and Kali Linux.
• Test the effectiveness of Blue Team detection mechanisms and provide recommendations for improved security monitoring.
• Develop and document Red Team Tactics, Techniques, and Procedures (TTPs) based on MITRE ATT&CK and industry best practices.
• Create after-action reports and remediation guidance for CSSP stakeholders to strengthen defenses.
• Maintain a Persistent Penetration Testing Network (PPTN) for ongoing security assessments.
• Participate in joint Red/Blue/Purple team exercises to enhance threat detection and response collaboration.
• Train and mentor junior Red Team members on attack methodologies and ethical hacking techniques