Offensive Cybersecurity Operator

Join the U.S. Cybersecurity and Infrastructure Security Agency as an Offensive Cybersecurity Operator in Pensacola, FL. This onsite role offers a competitive salary range of USD 90,925 to 139,684 per year, a comprehensive benefits package, and a mission-driven environment that values collaboration, disciplined operations, and professional growth. The official title for this position is Information Technology Cybersecurity Specialist (INFOSEC) GS-2210-13/14.

Benefits and culture

You will contribute to protecting federal enterprise networks and cloud environments while working alongside teams that translate threat intelligence into actionable defenses. Enjoy a benefits program designed to support work–life balance and career development, with formal mentorship, structured tradecraft, and opportunities to advance within a collaborative, mission-focused setting.

Responsibilities

• Lead end-to-end red team and penetration testing engagements across federal networks, cloud tenants (AWS, Azure, GCP), containerized and serverless workloads, web applications, and CI/CD pipelines. Own scoping, rules of engagement, operator tasking, deconfliction, and final reporting.
• Emulate real world threat actors by designing ATT&CK-aligned operations that chain initial access, IAM abuse, privilege escalation, and lateral movement to reach critical systems, then demonstrate impact without causing harm.
• Build and operate offensive infrastructure as code to stand up and tear down C2, redirectors, phishing, and lab environments using Terraform, Ansible, or comparable tooling, maintaining disciplined OPSEC.
• Develop and extend offensive tooling, including custom payloads, C2 profiles, exploit adaptations, and AI/LLM-augmented recon and triage workflows, feeding improvements back into team capability.
• Conduct continuous external attack surface testing by automating discovery and assessment of internet-facing assets, establishing severity rubrics, and tracking exposure reduction across supported agencies.
• Assess emerging attack surfaces such as infrastructure-as-code, pipeline supply chains, SaaS identity providers, and AI/ML applications, identifying risks and mitigations.
• Collaborate with threat intelligence and detection engineering to convert adversary reports into testable TTPs, and engage in purple-team activities to validate and harden defenses after each operation.
• Present attack narratives and prioritized remediation to system owners and senior executives, and mentor operators while defining tradecraft, automation, and OPSEC standards for the team.

Requirements

• U.S. citizenship is required.
• Selective Service registration is required for males born after 12/31/1959 or exemption applies.
• All Federal employees must participate in Direct Deposit/Electronic Funds Transfer for salary payments.
• Applicant is expected to be eligible to work in the United States and may be processed through E-Verify.
• Ability to obtain and maintain a security clearance suitable for Federal employment, potentially including a background review and financial checks.
• One-year probationary period may be required.
• This position may be designated as essential personnel and may require duty during continuity of operation events.
• This role is a drug testing designated position as part of the agency Drug-Free Workplace Program; a pre-employment drug screen is required and post-employment random testing may occur.

Technologies

• Terraform
• Ansible
• Packer
• AWS
• Azure
• GCP
• MITRE ATT&CK
• AI/LLM

Benefits

• Comprehensive benefits package

This job is open to

• The public – U.S. Citizens, Nationals, or those who owe allegiance to the United States
• Career transition (CTAP, ICTAP, RPL) – Federal employees whose position was eliminated and who are eligible for priority consideration
• Clarification from the agency – U.S. Citizens, CTAP, ICTAP

Education

No Educational Substitution: There is no substitution of education for experience at either grade level. You must meet the qualifications listed in the Requirements section.

Additional information

• Other incentives may be authorized.
• If offered conditional employment, you will complete an Optional Form 306 and certify information in your application prior to entry on duty.
• Additional vacancies may be filled with this announcement.
• Salary is GS-13 to GS-14, with locality adjustments; actual pay depends on grade, step, and duty location.
• Promotion may occur noncompetitively after meeting regulatory requirements and management recommendations.
• Reasonable Accommodation requests for USA Hire assessments are handled through the online application process.
• Current or former political appointees should disclose related information as required by OPM guidance.