Job Listing
Offensive Cybersecurity Operator
Cybersecurity and Infrastructure Security Agency · Posted 3 days ago
Hybrid Pensacola, FL $91K – $140K Apply by Jun 16, 2026 Information Technology Management ENTJINTJINTPISTJ
Apply for this job → About the Role
This announcement is issued under the Direct Hire Authority (DHA) to recruit for positions for which there is a critical hiring need. Selectee(s) will receive a career or career-conditional appointment in the competitive service and may be required to serve a one-year probationary period. The official title of this position is Information Technology Cybersecurity Specialist (INFOSEC) GS-2210-13/14.
What You'll Do
- →You will plan and execute authorized offensive security engagements that show federal and critical infrastructure partners exactly how a real adversary would attempt to breach them, emulating threat-actor tradecraft against enterprise networks and cloud tenants, and then briefing leaders on how to prioritize fix actions.
- →Typical work assignments at the full performance level include, but are not limited to: Lead full-lifecycle red team and penetration-test engagements against federal enterprise networks, cloud tenants (AWS / Azure / GCP), containerized and serverless workloads, web applications, and CI/CD pipelines - owning scoping, rules of engagement, operator tasking, deconfliction, and final reporting.
- →Emulate real-world threat actors - design and run ATT&CK-aligned operations that chain initial access, identity/IAM abuse, privilege escalation, and lateral movement to reach crown-jewel systems, then prove impact without causing harm.
- →Build and operate offensive infrastructure as code - stand up and tear down C2, redirectors, phishing, and lab/range environments repeatably with Terraform, Ansible, or comparable tooling, with disciplined OPSEC.
- →Develop and extend offensive tooling - custom payloads, C2 profiles, exploit adaptations, and AI/LLM-augmented recon, code-review, and triage workflows - and feed that tradecraft back into team capability.
- →Run continuous external attack-surface testing - automate discovery and assessment of internet-facing assets, set severity rubrics, and track exposure reduction across the agencies you support.
- →Assess emerging attack surface - infrastructure-as-code and pipeline supply chains, SaaS/identity-provider federation, and AI/ML-integrated applications (prompt injection, model abuse, data-exfil paths).
- →Partner with threat intelligence and detection engineering - turn current adversary reporting into testable TTPs, and work purple-team to validate and harden defensive coverage after every operation.
- →Brief the people who can act - deliver attack narratives and prioritized, concrete remediation to system owners and senior executives in mission-impact terms; mentor operators and set tradecraft, automation, and OPSEC standards for the team
Requirements
- ✓You must be a U.S. citizen.
- ✓Selective Service - Males born after 12/31/59 must be registered or exempt from Selective Service, see http://www.sss.gov/ All Federal employees are required to participate in Direct Deposit/Electronic Funds Transfer for salary payments.
- ✓DHS uses E-Verify, an Internet-based system, to confirm the eligibility of all newly hired employees to work in the United States.
- ✓Learn more about E-Verify, including your rights and responsibilities.
- ✓You must be able to obtain and maintain a security clearance suitable for Federal employment as determined by a background investigation.
- ✓This may include a credit check, a review of financial issues, as well as certain criminal offenses and illegal use or possession of drugs.
- ✓One-year probationary period may be required.
- ✓This position may be designated as essential personnel.
- ✓Essential personnel must be able to serve during continuity of operation events without regard to declarations of liberal leave or government closures due to weather, protests, and acts of terrorism or lack of funding.
- ✓Failure to report for or remain in this position may result in disciplinary or adverse action in accordance with applicable laws, rules, and regulations (5 U.S.C. 7501-7533 and 5 CFR Part 752, as applicable).
- ✓This position has been identified as a drug testing designated position (TDP) for purposes of the CISA's Drug-Free Workplace Program.
- ✓All applicants tentatively selected for this position will be required to submit to a drug test to screen for illicit/illegal drug use prior to receiving a final offer of employment.
- ✓A final offer of employment is contingent upon a negative drug test result.
- ✓After appointment, you may be subject to periodic random drug testing.
Personality Fit
Job ID: 2083191c-4843-42da-a8be-9ed7244147a9
Posted via USAJobs