Senior IT Tactical Cyber Security VA Specialist

Company Description

ADGA provides strategic vision, world-class technology and service excellence in the areas of defence, security and enterprise computing to clients in the federal government, other levels of government and the private sector. In a world dominated by convergence, ADGA provides the expertise and innovation that organizations need to stay safe, efficient and productive. This is based on an exceptional balance sheet built since 1967, protecting some of Canada's most critical assets. Headquartered in Ottawa, with offices across Canada, ADGA is a privately owned Canadian company employing more than 800 employees, technical consultants and subject matter experts.

Job Description

ADGA is hiring an IT Tactical Cyber Security VA Specialist to work on and support The Tactical Cyber Capability (TCC) Project for our defence clients. The TCC Project aims to acquire, develop, and integrate a range of cyber capabilities including people, infrastructure, processes, and technology to enable CAF operations across the full spectrum of activities.

The capability mix of the TCC Project will comprise both platform-delivered (e.g., airborne, seaborne, vehicle-borne, dismounted) and network-delivered cyber capabilities. To support training, planning, and mission rehearsal activities, the project will develop capability models within the Cyber Training Area, which will be delivered through the Cyber 004 – Cyber Operations Training Eco-System

The IT Tactical Cyber Security VA Specialist will provide security advice from an offensive perspective; Conduct security related research; maintain a mobile testing lab environment for the development of customized mobile tools and capabilities and perform offensive security demonstrations at various security caveats.

Tasks:

• Lead Red Team operations or OPFOR during exercises with DND and allied forces;
• Develop and deploy TD5 and above level TTPs in support of cyber exercises and testing;
• Develop and deploy TD5 and above level tooling in support of cyber exercises and testing;
• Undertake engagements that may perform penetration testing against a system of networked devices from an advanced threat actor perspective;
• Undertake engagements that may perform penetration testing against a single device including the assessment of Operating Systems and Firmware from an advanced threat actor perspective;
• Undertake engagements that may perform reverse engineering and penetration testing against a single endpoint application from an advanced threat actor perspective;
• Undertake engagements that may perform penetration testing against hosted web applications or mobile device applications from an advanced threat actor perspective;
• Undertake engagements that may perform penetration testing against wireless systems or devices such as WiFi or Bluetooth from an advanced threat actor perspective;
• Undertake engagements that may perform penetration testing that focuses on identifying and validating vulnerabilities associated with physical security as well as employee’s ability to follow documented policies, procedures, and best practices;
• Undertake engagements that may perform Vulnerability Assessments (VA) using a wide variety of tools;
• Perform intelligence impact assessments on devices and systems as they effect CAF and its allies;
• Use network discovery and scanning tools to perform port and service scanning, service enumeration and vulnerability scanning;
• Develop a framework for tactical cyber range operations for training new operators;
• Attempt to exploit any discovered vulnerabilities. This may include attempts to guess or crack passwords or to gain access to encrypted information using tactics such as private key theft and cryptographic downgrade attacks;
• Execute the agreed upon misuse cases against the System under Test (SUT) in order to study its behaviour to uncover weaknesses and attempt to exploit those weaknesses in order to gain unauthorized access to information system and assets;
• Produce a Security Engineering Validation (SEV) report that enumerates all findings discovered as part of the assessment. Each finding includes a description of the vulnerability, the technical impact of the vulnerability if exploited, the probability that a sufficiently skilled threat actor could exploit the vulnerability, as well as recommendations expressed as additional security controls that could mitigate the vulnerability. Lastly, provide a severity rating for each finding based on the above information;
• Provide a briefing to the client to discuss the findings including the recommended mitigations;
• Perform advanced security research on targeted solutions focusing on intelligence impact;
• Develop weaponized proof-of-concept exploits for existing and newly discovered vulnerabilities;
• Develop cyber collateral damage assessments for exploited vulnerabilities and offensive tools;
• Provide security advice from a tactical and intelligence offensive perspective; conduct security related research; maintain a tactical cyber operations lab environment for the development of customized penetration testing tools and capabilities; and perform offensive security demonstrations;
• Remain abreast of newly disclosed vulnerabilities and assess the potential impact on the department’s information systems. This may include analysing exploit code, including proof-of-concept code, to develop a better understanding of the vulnerability and the conditions by which the vulnerability may be exploited;
• Develop OPSEC safe agent code to augment existing capabilities;
• Triage vulnerabilities with the equity review board to determine appropriate course for any equities discovered;
• Provide assistance to CFNOC as well as other Cyber related units;
• Design and develop opposing force attack scenarios for Cyber Training exercises such as the FVEYs Cyber Flag, Cyber Exercise (CyberX) and CFCOSO initiatives;
• Provide end-of-day as well as end-of-exercise briefings to training exercise participants to ensure participants achieve maximum benefit;
• Develop penetration testing tutorials for use as training materials for SEV, CFNOC, or other Cyber related units;
• Assess existing offensive security tool set and make recommendations to improve and modernize the tool set; and
• Identify gaps in the existing SEV OCO capabilities, services, technologies and tools; and
• Design and implement CTF and training exercises with tactical cyber operations and intelligence content.

Qualifications

• Minimum 10 (ten) years of experience working as an IT Security VA Specialist.
• Minimum of five (5) years experience in performing penetration testing against single endpoints including operating system and firmware.
• Minimum of four (4) years experience in collection, processing and analysis of Signals Intelligence.
• Minimum of five (5) years experience in performing cyber threat intelligence impact assessments.
• Minimum of five (5) years of experience in exploit development.
• Minimum of three (3) years experience working in classified networks in the cyber domain.
• Minimum of three (3) years experience in conducting vulnerability research assessments of code, systems, services, and processes.
• Minimum of three (3) years experience in developing and operationalizing mobile equities.
• Minimum of three (3) years experience in participating in the IT community by organizing Capture the Flag (CTF) competitions, participating in CTP, speaking at conferences, providing training or by developing tools.
• Minimum of Two (2) years experience in utilizing the following security research tools:
  • IDAPro
  • Ghidra
  • Frida
  • GDB
  • AFL
  • BooFuzz
  • WinDbg
  • Olydbg/Immunity
  • Sysinternals
• Minimum of three (3) years experience in using and developing fuzzers for vulnerability discovery and performing root cause analysis.
• Minimum of three (3) years experience in producing intelligence impact reports for technical and non-technical audiences, based on findings from technical assessments.
• Minimum of three (3) years experience in teaching or mentoring other Mobile Testers or VA Specialists.

Additional Information

Work-Life Balance  

We strongly support a healthy and productive work-life balance. This starts with a flexible approach to work, and policies designed to support employees through their day-to-day routines and major life events. For example, we offer a Maternity/Parental Top-Up (up to 52 weeks) and a Reservist Leave Top-Up (up to 180 days). 

Belong@ADGA  

ADGA continuously strives to integrate advanced Diversity, Equity & Inclusion (DEI) approaches and practices into our work culture. Our employee-based DEI Committee explores activities and invites discussions that foster an environment where all employees feel valued, respected, and heard.

Compensation  

Above and beyond our commitment to offer a competitive base salary, ADGA has a company-wide profit-sharing plan for all full-time and part-time employees.

Comprehensive Benefits and Total Rewards  

We offer a comprehensive benefit program, providing employees with the choice between base or enhanced plans. Depending on the plan, ADGA pays for Health & Dental, a Health Spending Account, Short-Term Disability, an Employee Assistance Program, and a Telemedicine service. Also offered: discounts on gym memberships, 5,000+ perks through Perkoplis, a Deferred Profit Sharing Plan, and access to a wide range of other employee-centric services and savings programs.