Job Description:
The exploitation analyst instructor/writer performs duties on-site at Fort Gordon, GA at the U.S. Army Cyber School. The targeting instructor/writer position will instruct Cyber (17 series) students that support the Army’s Cyberspace Electromagnetic Activities (CEMA) Operations across USCYBERCOM, ARCYBER, and Electronic Warfare unit’s missions. This position will develop and maintain highly detailed technical material related to offensive operations in cyberspace and instruct personnel to successfully serve in the Cyber Mission Force (CMF) designated work roles to include Exploitation Analyst (EA). These skillsets involve knowledge of intelligence, plans, and operations; all underpinned by an expert knowledge of Joint/Service specific targeting processes. As such, personnel selected for the position will have previous experience within USCYBERCOM or subordinate service component within the Cyber Mission Force (CMF) while serving in, or directly supporting the Exploitation Analyst (EA) work role.
Specific classroom instruction will include but is not limited to the following:
· Advanced Hacking Methodologies:
1. Host exploitation techniques.
2. Fuzzing techniques.
3. Linux and Windows hands on targets.
4. Modern OS protections bypass techniques (WIN 8, 10, etc.).
· Identify gaps in technical capabilities.
· Analyze traffic to identify network devices.
· Create and extract important information from packet captures.
· Create collection requirements in support of data acquisition activities.
· Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
· Accurately and completely source all data used in intelligence, assessment and/or planning products.
· Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
· Evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products.
· Use databases to identify target-relevant information.
· Expand network access by conducting target analysis and collection to identify targets of interest.
· Identify/describe target vulnerability.
· Target development in direct support of collection operations.
· Identify/describe techniques/methods for conducting technical exploitation of the target.
· Use trace route tools and interpret the results as they apply to network analysis and reconstruction.
Qualifications:
· Possess a valid, current TS/SCI clearance.
· Have at least five (5) years of service (military/civilian/contractor) as an Exploitation Analyst conducting offensive cyberspace operations as part of USCYBECOM, or service component cyber commands directly supporting a COCOM/JTF Headquarters. Personnel that have not directly supported offensive cyberspace operations may be considered if they meet qualifications described in the remainder of the qualifications below.
___________________________________________________________________________________________
· Served as a certified instructor for the USCYBERCOM validated Exploitation Analyst Course (EAC) or National Cryptologic University CYBR4600.
OR
· Meet two (2) of the six (6) listed requirements:
o Certified as a White cell assessor for the Service (Army, Navy, Marines, Air Force) and/or USCYBERCOM validation exercises.
o Graduated from one of the following Army's 17 series or 35Q/35N MOS/AOC producing course OR associated Professional Military Education (PME) course: 17C AIT, 35Q/N AIT, 17A BOLC, or 170A WOBC, or equivalent sister service courses.
o Three (3) years’ experience as a Weapons and Tactics Instructor (WTI) for the CMF headquarters JFHQ-C/CNMF.
o Five (5) years’ experience as USCYBERCOM DNEA and certified at the Senior proficiency level.
o Five (5) years’ experience as a USCYBERCOM TDNA and certified at the Senior proficiency level.
o Five (5) years’ experience as a USCYBERCOM Cyberspace Operator and certified at the Senior proficiency level.
AND
· Meet two (2) or more of the nine (9) listed requirements:
o Four (4) years’ experience at the tactical level or higher on a Cyber Mission Force Team conducting Offensive Cyberspace Operations (OCO).
o Three (3) years’ experience developing TRADOC and/or USCYBERCOM scenarios to enhance curriculum delivery.
o Three (3) years’ experience in: Networking, Security Windows, UNIX, and Programming.
o Three (3) years’ experience creating and developing virtualized environments; VMware and/or OpenStack.
o Two (2) years’ experience using PowerShell or BASH automation, scripting, and automating repetitive tasks.
o Two (2) years’ experience with Virtualized Environment administration.
o A Bachelor’s degree in (at least one): Cybersecurity, Computer Science, Information Technology, Information Systems, or Computer Forensics.
o DoD Approved 8570 Baseline Certification (Any IAT Level 2 certification or higher).
o Verifiable experience with hacking methodologies, protocol analysis, target system enumeration, AND telecommunications.
AND
· Possess Knowledge, Skill and/or Ability in six (6) or more of the twenty-three (23) following areas:
o Perform analysis for target infrastructure exploitation activities.
o Compile, integrate, and/or interpret all-source data for intelligence or vulnerability value with respect to specific targets.
o Examine related metadata and content with an understanding of targeting significance.
o Develop target access opportunities in support of cyberspace operations.
o Build an operational and mission data in a target tracker.
o Facilitate target deconfliction.
o Produce network reconstructions.
o Analyze target communications to identify essential elements of information in support of organizational objectives.
o Perform and document social network analysis.
o Develop profiles using appropriate tools and databases.
o Perform project or mission profile management.
o Enable the operational level planning processes.
o Provide input for the development of Cyber Effects Operations plans and targeting requirements.
o Assist in the development of Courses of Actions (COAs) linked to objectives.
o Identify and document intelligence gaps and shortfalls.
o Reproduce network reconstructions.
o Perform operational use of collection databases.
o Knowledge of cyber operations activities and concepts.
o Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
o Knowledge of network topology.
o Knowledge of the Joint Targeting Cycle (JTC).
o Knowledge of the overall mission of the Cyber Mission Force (CMF) and how it's organized inclusive of team organizations with work roles.
o Knowledge of how Information Needs and collection requirements are translated, tracked, and prioritized across the extended enterprise.
Note:
Summit Technologies, Inc. is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
Position descriptions serve as a guideline and may not be construed as a guarantee of employment. Summit Technologies, Inc. is an at-will organization.
COVID-19 Regulations: Summit complies with all applicable requirements regarding COVID-19 regulations, including COVID-19 vaccinations and testing requirements.
Positions supporting US Federal contracts located within the continental United States (including corporate support positions): Pursuant to Executive Order 14042 (Ensuring Adequate COVID Safety Protocols for Federal Contractors), Summit requires covered employees and new hires, whether working at a customer site, working remotely, or working in a Summit facility, to comply with the Executive Order except in circumstances where an employee is legally entitled to an accommodation.
Canada, state/provincial or OCONUS based contracts and positions: Summit complies with all applicable COVID-19 requirements. This may require employees to be vaccinated against COVID-19, provide attestations regarding vaccination status and/or COVID-19 testing, or satisfy other conditions of employment that Summit deems appropriate, and employees may be required to show proof of vaccination and/or negative COVID-19 test results as a condition of employment (except in circumstances where an employee is legally entitled to an accommodation).