Cyber Engineer – Advanced Cyber Training Environments

SITE 525 is at the forefront of delivering cutting-edge training solutions for information maneuver specialists. Our mission is to empower the warfighter with realistic, high-fidelity training environments that simulate the challenges of modern information warfare.

SITE 525 is seeking a highly skilled Cyber Engineer to support the development and sustainment of advanced cyber training environments. This role involves hands-on engineering of secure, scalable, and AI-enabled virtual ranges that emulate realistic, adversarial network conditions across IT and OT domains. These environments are used for cyber mission rehearsals, red/blue/gray team operations, and full-spectrum cybersecurity exercises. Must be willing to travel up to 25%.

Key Responsibilities:

• Engineer and deploy cyber training environments using VMs, containers, and SDN across hybrid, edge, and cloud infrastructures.
• Implement traffic simulations (burst, steady-state, geo-distributed, adversarial, AI/ML-driven) to emulate realistic user/system behavior.
• Develop frameworks for orchestrating non-player character (NPC) activity and user emulation across IT and OT domains.
• Integrate AI-based traffic generation and host-level user emulation for enhanced realism.
• Build observability pipelines for traffic replay, metrics collection, autoscaling validation, and centralized logging.
• Execute full-spectrum threat campaigns using open-source offensive tools to support blue team training.
• Integrate threat intelligence feeds and adversarial emulation to reflect current TTPs.
• Deploy and maintain defensive toolsets for network monitoring, incident detection, and response.
• Develop infrastructure-as-code and network-as-code solutions integrated with CI/CD and SecDevOps workflows.
• Integrate third-party tools to enhance training realism and operational fidelity.
• Administer and secure private cloud stacks, closed-loop networks, and critical infrastructure venues.
• Manage network/server infrastructure including AD, firewalls, hypervisors, and identity management systems.
• Support cyber exercises and events including setup, execution, troubleshooting, and close-out.
• Participate in technical working groups and customer engagements to validate and improve cyber training environments.
• Apply hands-on experience with OT systems including SCADA, HMIs, ICS, DCS, PLCs, RTUs, IoT, and IIoT devices.

Relevant Technologies & Tools:

• Traffic Simulation & User Emulation: Lariat, CMU GHOSTS, MITRE Caldera, Red Canary, Atomic Red Team, TRex, BreakingPoint, Locust, k6, custom Python/TypeScript scripts, AI-enabled agents
• Security Monitoring & Logging: Splunk, Wazuh, Elastic Stack, Security Onion, Endgame, Velociraptor
• Threat Emulation & Red Team Tools: Kali Linux, Metasploit, Cobalt Strike (open-source equivalents), custom adversarial scripts
• Virtualization & Containerization: AWS, Azure, VMware vSphere/vCenter, Tanzu Kubernetes Grid (TKG), Proxmox, RKE2, Harvester
• Infrastructure Automation: Terraform, Ansible, Helm, Nomad
• Identity & Access Management: Red Hat IDM, Red Hat SSO, Active Directory (GPOs, tiered admin scripts)
• Networking & SDN: VMware NSX-T, VLANs, VPNs, dynamic networking tools
• Compliance & Assurance: NIST 800-series, ISO 27001, FedRAMP, CUI-compliant controls
• Monitoring & Control Interfaces: Custom dashboards for exercise operations, centralized scenario orchestration

Qualifications:

• Bachelor's or Master's degree in Cybersecurity, Computer Engineering, or related field.
• 5+ years of experience in cyber engineering, network operations, or cyber range development.
• Top Secret security clearance.
• Proficiency in virtualization, containerization, and cloud technologies.
• Experience with offensive and defensive cybersecurity tools and frameworks.
• Familiarity with AI/ML integration in cyber environments.
• Strong scripting and automation skills (e.g., Python, Bash, PowerShell).
• Experience with infrastructure-as-code tools (e.g., Terraform, Ansible).
• Knowledge of OT systems and protocols.
• Security certifications (e.g., CISSP, CEH, OSCP) are a plus.

Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds, but may vary depending on the position. Regular and predictable attendance is essential.

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status, and any other characteristic protected by federal, state, and local law.

If you are unable to apply through the portal and need to speak to someone about necessary accommodations to apply, please email and we will follow up with you. Do not submit resumes and applications through this email.

R4CFyi3nbl