Cyber Engineer – Advanced Cyber Training Environments at IDS International
IDS International · Arlington, United States of America · Onsite
- Professional
- Office in Arlington
SITE 525 is seeking a highly skilled Cyber Engineer to support the development and sustainment of advanced cyber training environments. This role involves hands-on engineering of secure, scalable, and AI-enabled virtual ranges that emulate realistic, adversarial network conditions across IT and OT domains. These environments are used for cyber mission rehearsals, red/blue/gray team operations, and full-spectrum cybersecurity exercises. Must be willing to travel up to 25%.
Key Responsibilities:
- Engineer and deploy cyber training environments using VMs, containers, and SDN across hybrid, edge, and cloud infrastructures.
- Implement traffic simulations (burst, steady-state, geo-distributed, adversarial, AI/ML-driven) to emulate realistic user/system behavior.
- Develop frameworks for orchestrating non-player character (NPC) activity and user emulation across IT and OT domains.
- Integrate AI-based traffic generation and host-level user emulation for enhanced realism.
- Build observability pipelines for traffic replay, metrics collection, autoscaling validation, and centralized logging.
- Execute full-spectrum threat campaigns using open-source offensive tools to support blue team training.
- Integrate threat intelligence feeds and adversarial emulation to reflect current TTPs.
- Deploy and maintain defensive toolsets for network monitoring, incident detection, and response.
- Develop infrastructure-as-code and network-as-code solutions integrated with CI/CD and SecDevOps workflows.
- Integrate third-party tools to enhance training realism and operational fidelity.
- Administer and secure private cloud stacks, closed-loop networks, and critical infrastructure venues.
- Manage network/server infrastructure including AD, firewalls, hypervisors, and identity management systems.
- Support cyber exercises and events including setup, execution, troubleshooting, and close-out.
- Participate in technical working groups and customer engagements to validate and improve cyber training environments.
- Apply hands-on experience with OT systems including SCADA, HMIs, ICS, DCS, PLCs, RTUs, IoT, and IIoT devices.
- Traffic Simulation & User Emulation: Lariat, CMU GHOSTS, MITRE Caldera, Red Canary, Atomic Red Team, TRex, BreakingPoint, Locust, k6, custom Python/TypeScript scripts, AI-enabled agents
- Security Monitoring & Logging: Splunk, Wazuh, Elastic Stack, Security Onion, Endgame, Velociraptor
- Threat Emulation & Red Team Tools: Kali Linux, Metasploit, Cobalt Strike (open-source equivalents), custom adversarial scripts
- Virtualization & Containerization: AWS, Azure, VMware vSphere/vCenter, Tanzu Kubernetes Grid (TKG), Proxmox, RKE2, Harvester
- Infrastructure Automation: Terraform, Ansible, Helm, Nomad
- Identity & Access Management: Red Hat IDM, Red Hat SSO, Active Directory (GPOs, tiered admin scripts)
- Networking & SDN: VMware NSX-T, VLANs, VPNs, dynamic networking tools
- Compliance & Assurance: NIST 800-series, ISO 27001, FedRAMP, CUI-compliant controls
- Monitoring & Control Interfaces: Custom dashboards for exercise operations, centralized scenario orchestration
- Bachelor’s or Master’s degree in Cybersecurity, Computer Engineering, or related field.
- 5+ years of experience in cyber engineering, network operations, or cyber range development.
- Top Secret security clearance.
- Proficiency in virtualization, containerization, and cloud technologies.
- Experience with offensive and defensive cybersecurity tools and frameworks.
- Familiarity with AI/ML integration in cyber environments.
- Strong scripting and automation skills (e.g., Python, Bash, PowerShell).
- Experience with infrastructure-as-code tools (e.g., Terraform, Ansible).
- Knowledge of OT systems and protocols.
- Security certifications (e.g., CISSP, CEH, OSCP) are a plus.