Intermediate Red Team Operator
Company: Geospatial And Cloud Analytics Inc
Location: Virginia Beach
Posted on: February 16, 2026
Job Description:
This position is designated as an Intermediate-level Access Network Operator (DCWF Work Role 321) and is not designated as Key Personnel. The individual performs independent penetration testing and red team operations in support of OPTEVFOR Cyber Operational Test & Evaluation (OT&E) activities. The role supports cyber survivability assessments across planning, preparation, execution, and post-test phases and provides technical direction to basic-level operators when required.

Qualifications:
The Intermediate Access Network Operator must meet all qualification requirements of a Basic Access Network Operator in addition to the following:
- Offensive Security Certified Professional (OSCP) or equivalent offensive cybersecurity certification
- Minimum of three (3) years of experience performing penetration testing, red teaming, and/or exploitation development
- Proficiency with multiple offensive cyber tools, including: Metasploit, Cobalt Strike, Core Impact, Burp Suite, Nessus, SharpHound
- Demonstrated ability to detect malicious program activity using dynamic analysis techniques
- Ability to independently plan and execute penetration testing and red team activities to accomplish assigned test objectives

Key Responsibilities:

Policy, Procedures, and Tooling:
- Become proficient in OPTEVFOR Cyber T&E CONOPS, SOPs, policies, and guidance
- Maintain and contribute to the development of 01D SOPs and technical documentation supporting DCAT authorization in accordance with DoDI 8585.01
- Research, review, prioritize, and submit operational requirements for acquisition of cyber tools and capabilities in accordance with the 01D tool approval process
- Support development and execution of tactics, techniques, and procedures (TTPs) for penetration testing and red team operations
- Research adversary cyber actors' TTPs, organizational structures, capabilities, personas, and operating environments and integrate findings into cyber survivability test planning and execution

Test Planning:
Participate in OPTEVFOR cyber test planning activities, including:
- Conducting open-source research and reviewing system-under-test (SUT) documentation to understand mission, architecture, interfaces, and critical components
- Identifying attack surfaces and threat vectors
- Participating in cyber test planning meetings
- Guiding development of cyber test objectives
- Reviewing test plans to ensure objectives are feasible and executable
- Participating in test planning site visits

Test Preparation:
Support preparation activities for cyber OT&E events, including:
- Participation in site pre-test coordination visits and delivery of test site in-briefs
- Reviewing approved test plans
- Adding relevant artifacts and research to the test library
- Conducting in-depth SUT research and presenting findings to the red team
- Preparing OPTEVFOR Red Team (OPTEV-RT) test assets

Test Execution:
- Execute assigned cyber test events, including Cooperative Vulnerability Penetration Assessments, Adversarial Assessments, and Cyber Tabletop exercises, in support of Operational Testing, Developmental Testing, risk reduction efforts, and other assigned events
- Employ OPTEVFOR-provided and NAO-approved commercial and open-source cyber assessment tools, including: Core Impact, Nmap, Burp Suite, Metasploit, Nessus
- Apply ethical hacking techniques to exploit discovered vulnerabilities and misconfigurations across:
  - Operating systems (Windows, Linux, Unix)
  - Network protocols and services (HTTP, FTP, DNS, PKI, HTTPS)
- Execute testing activities independently and provide technical guidance and oversight to Basic-level operators
- Ensure all testing is conducted safely, in accordance with approved test plans and OPTEVFOR policies
- Adhere to JFHQ-DoDIN deconfliction procedures
- Verify accuracy and completeness of collected test data

Post-Test and Continuous Improvement:
- Participate in the post-test iterative process, including development of deficiency and risk documentation
- Document test execution lessons learned and support continuous improvement initiatives
- Generate and update documentation required to maintain DCAT authorization in accordance with DoDI 8585.01
- Participate in capture-the-flag events, cyber off-sites, red team huddles, and technical exchange meetings; develop supporting products and materials
- Attend OPTEVFOR-required meetings in support of OT&E activities

DCWF Knowledge, Skills, Abilities, and Tasks (KSATs):
In addition to meeting all KSAT requirements for a Basic Access Network Operator, the Intermediate operator demonstrates the following:

Skills:
- Assessing existing tools to identify capability gaps and improvement opportunities
- Testing and evaluating cyber tools for operational implementation
- Knowledge management and technical documentation (e.g., wiki-based documentation)
- Processing exfiltrated data for analysis and dissemination
- Evaluating and validating locally developed tools for operational use

Knowledge:
- Active defense methodologies and system hardening techniques
- Encryption algorithms and cyber tools (e.g., TLS, PGP)
- Evasion strategies and exploitation techniques
- Forensic implications of operating system structures and processes
- Host-based security products and their impact on exploitation
- Network administration, construction, and topology
- Security hardware and software options and their effects on exploitation artifacts
- Security implications of software configurations
- Digital forensics fundamentals to extract actionable intelligence
- Cryptologic capabilities, limitations, and contributions to cyber operations
- Unix/Linux and Windows operating system internals (process management, directory structures, installed applications)
- Network collection procedures, including decryption techniques and tools