Harmonia Holdings Group, LLC is an award-winning, rapidly growing federal government contractor committed to providing innovative, high-performing solutions to our government clients and focused on fostering a workplace that encourages growth, initiative, creativity, and employee satisfaction.
We have an opening for a full-time, Senior Red Team Operator to join our talented, dynamic team.
The Senior Red Team Operator will operate as part of our Red Team staff with the ability to lead small teams conducting advanced adversary emulation operations against real-world targets, in varying environments, and against active network defenders. The Senior Red Team Operator will lead the design, development, and execution of Red Team Operations. The Senior Red Team Operator will ensure all deliverables for the operation are completed within the required timeline. Additionally, the Senior Red Team Operator will provide support and mentorship to other Red Team Operators.
Veterans are encouraged to apply.

REQUIREMENTS

• Bachelor’s Degree or higher in Computer Science, Information Technology, Cybersecurity, or a related field – equivalent experience may be considered in lieu of a degree.
• 7+ years of Cyber Security experience.
• 5 years of offensive focused experience (Red Teaming, Purple Teaming, Penetration Testing, tool development, etc.).
• Hands-on keyboard experience during multiple Red Team engagements.
• Understand Red Teaming Methodology (Recon, Exploitation, Persistence, Lateral Movement, Post Exploitation, and Exfiltration).
• Be able to explain the tools and techniques used during each phase of a red team operation, their purposes, and any OPSEC-related considerations.
• Experience with common Penetration Testing and Red Team Tools such as Burp Suite, C2 Frameworks, Kali Linux, and Open-Source Hacking Tools.
• Demonstrated ability to script effectively in both Linux and Windows environments, with development experience in a language of choice (e.g., Python, Rust, Go, .NET, etc.).
• Experience with or an understanding of multiple concepts below:
• 
  
  
  
• Command and Control channel frameworks and Offensive infrastructure deployment.

• Cloud Technologies (Azure, AWS, Heroku).
• Reverse Engineering malware, data obfuscation, or encryption.
• Web Application Technologies.
• Social Engineering and related Psychology disciplines and experience.
• Active Directory and authentication-type technologies (Okta, SAML, ADFS Federation, etc.).
• OPSEC-focused Infrastructure Implementation (Docker, Redirectors, Mail Servers).
• Exploit Development in Windows and Linux environments.
• Rapid Development of offensive-focused tooling and trade-craft.
• Wireless and Radio Frequency technologies (Bluetooth, 802.11, etc.).
• Possess an Offensive Security related certifications.

• Lead a small team and provide expertise in the development and execution of Red Team Operations.
• Requires expert technical knowledge and a subject matter expert in relation to adversarial threats and offensive TTP’s.
• Chain vulnerabilities together and move laterally through an environment without detection.
• Ability to perform root cause analysis of vulnerabilities and effectively communicate findings to customers in both written and verbal formats.
• Improve team trade-craft, techniques, tactics, procedures, infrastructure, and tooling.
• Conduct independent vulnerability research to discover new vulnerabilities or TTP’s.
• Develop scenarios and artifacts that mimic real-world adversary groups for simulated testing.
• Provide remediation recommendations based on discovered weaknesses and vulnerabilities.
• Develop technical reports and work with customers to aid in remediation/validation of discovered findings.
• Support the offensive capabilities team to enhance capabilities, innovate new capabilities, and/or develop training material.
• Work in a collaborative environment with others.