Cyber Threat Emulation Analyst with Security Clearance
Tyto Athene, LLC - San Antonio, TX
Job Description
What You Will Be Doing

Cyber Threat Emulation Analyst will complete vulnerability assessments. The ability of the AFCERT to complete its mission is dependent upon the ability to develop methods to identify, contain, log and analyze security vulnerabilities/holes on Air Force systems. The CTE&A analyst contractor employees may be required to provide 24-hour coverage (shift work) for seven (7) days a week, 365 days a year with zero tolerance for error.

Responsibilities:
* Conduct both automated and manual enterprise vulnerability assessments, including conducting regular patch & configuration vulnerability assessments as directed by operational flight leads.
* Conduct Cyber Threat Emulation operations, and coordinate with security teams to strengthen the overall security posture of the AFNet and AFIN various tools and capabilities.
* Test for real-time security vulnerabilities, conduct assessments, and assess vulnerability risk and impact.
* Continuously develop and maintain safe and valid procedures to actively test Enterprise defensive measures.
* Develop mitigations, policies, and procedures to coordinate with internal teams. Work with incident response team to better design response policies and procedures.
* Work with incident response team to develop response policies and procedures.
* Generate threat intelligence indicators during the course of Cyber Threat Emulation operations and provide reports back to ACD operators.
* Coordinate with internal and external intelligence teams in order to replicate threat actor (TA) Techniques, Tactics, and Procedures (TTPs).
* Research and evaluate threats and vulnerabilities to assist in prioritization of remediation actions.
* Utilize knowledge and understanding of the Cyber Threat Framework (ODNI) and production of Threat Emulation findings.
* Utilize the MITRE ATT&CK framework to perform cyber security operations testing, and develop improvements based upon real adversary behavior.
* Formulate, lead, and persuade individuals, large teams and communities on ideas, concepts, and opportunities.
* Leverage research, frameworks, and best practices on the latest exploits and security trends and currency on industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures.
* Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.
* Create, document, and report metrics for analysis to improve weapon system processes and mission execution.
* Provide information to operational leadership's tasking as required as it relates to CTE actions.

Minimum Qualifications:
* Active TS/SCI clearance
* DoD Approved 8570 IAT Level III and CND certifications and GDAT and one of OSCP or GPEN certifications.
* 5 years of penetration testing experience. Demonstrated advanced knowledge of cyber security operations with mastery of two or more of the following: attack surface management, Security Operations Center (SOC) operations, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) use, threats (including Advanced Persistent Threat (APT), insider), vulnerabilities, and exploits; incident response, investigations and remediation.
* Experience with PowerShell, BASH or Python scripting/programming language.
* Must have a strong understanding of Linux Operating System.
* Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects)

Equal Opportunity Employer: Disability/Veteran

About Tyto Athene

Tyto is an IT services and solutions company that provides mission-focused digital transformation to enhance the client experience and enable them to achieve desired outcomes. Tyto's services and solutions embody its domain expertise in four major Technology domains: Network Modernization, Hybrid Cloud, Cyber Security, and Enterprise IT. Tyto offers a broad range of service delivery models including design/install projects, Managed Services, and 'As-a-Service'. With over fifty years of experience, Tyto supports Defense, Intelligence, Space, National Security, Civilian, Health and Public Safety clients across the United States and around the globe.

After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise. Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it's time to join Team Tyto!

Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
Created: 2025-11-15