Yesterday
Top Secret
Mid Level Career (5+ yrs experience)
Unspecified
IT - Security
Charleston, SC•Reston, VA
The Penetration Tester will conduct multiple-disciple penetration tests of global customer networks, rapid development of domain or problem-specific tools that leverage identified vulnerabilities, research on the latest exploitation techniques and threat vectors, and design and configuration of representative test environments. Candidate must support various training events, conferences, exercises, and demonstrations to ensure continued compliance with team member certification requirements to enhance technical capabilities, and to support authorized missions and test events.
Specific Requirements/Job Description:
-Experience with at least one of the following scripting languages (PowerShell, Bash, Python, Ruby, Node.js)
-Experience performing web application security assessments
-Experience with TCP/IP protocols as it relates to network security
-Experience with offensive tool sets including Kali Linux, Metasploit, CobaltStrike, Intercepting Proxies, etc.
-Experience in using network protocol analyzers and sniffers, as well as ability to decipher packet captures
-Capable of conducting penetration tests on applications, systems and network utilizing proven/formal processes and industry standards.
-Perform penetration tests on computer systems, networks, and applications
-Create new testing methods to identify vulnerabilities
-Perform physical security assessments of systems, servers, and other network devices to identify areas that require physical protection
-Pinpoint methods and entry points that attacker may use to exploit vulnerabilities or weaknesses
-Search for weaknesses in common software, web applications and proprietary systems
-Research, evaluate, document, and discuss findings with IT teams and management
-Review and provide feedback for information security fixes
-Establish improvements for existing security services, including hardware, software, policies, and procedures
-Identify areas where improvement is needed in security education and awareness for users
-Be sensitive to corporate considerations when performing testing (i.e., minimize downtime and loss of employee productivity)
-Stay updated on the latest malware and security threats
-In depth understanding of emerging threats, vulnerabilities, and exploits.
Qualifications:
-Candidate must have an active Top-Secret Clearance and be eligible to obtain an SCI
-Bachelor's degree and 12 years of experience
-SPECIALIZED experience in Computer Network Attack (CNA), Computer Network Exploitation (CNE), Computer Network Defense (CND), and penetration testing
-Ability to develop tools and scripts independently and rapidly from concept to production in a high-stress, short deadline, under-resourced environment using multiple programming languages
-Maintain minimum required professional certifications to meet DoD 8570 requirements (Sec+), to include CEH, CISSP, GPEN, OSCP, or ability to obtain within 6 months of hire
-Experience with at least one of the following scripting languages (PowerShell, Bash, Python, Ruby, Node.js)
Specific Requirements/Job Description:
-Experience with at least one of the following scripting languages (PowerShell, Bash, Python, Ruby, Node.js)
-Experience performing web application security assessments
-Experience with TCP/IP protocols as it relates to network security
-Experience with offensive tool sets including Kali Linux, Metasploit, CobaltStrike, Intercepting Proxies, etc.
-Experience in using network protocol analyzers and sniffers, as well as ability to decipher packet captures
-Capable of conducting penetration tests on applications, systems and network utilizing proven/formal processes and industry standards.
-Perform penetration tests on computer systems, networks, and applications
-Create new testing methods to identify vulnerabilities
-Perform physical security assessments of systems, servers, and other network devices to identify areas that require physical protection
-Pinpoint methods and entry points that attacker may use to exploit vulnerabilities or weaknesses
-Search for weaknesses in common software, web applications and proprietary systems
-Research, evaluate, document, and discuss findings with IT teams and management
-Review and provide feedback for information security fixes
-Establish improvements for existing security services, including hardware, software, policies, and procedures
-Identify areas where improvement is needed in security education and awareness for users
-Be sensitive to corporate considerations when performing testing (i.e., minimize downtime and loss of employee productivity)
-Stay updated on the latest malware and security threats
-In depth understanding of emerging threats, vulnerabilities, and exploits.
Qualifications:
-Candidate must have an active Top-Secret Clearance and be eligible to obtain an SCI
-Bachelor's degree and 12 years of experience
-SPECIALIZED experience in Computer Network Attack (CNA), Computer Network Exploitation (CNE), Computer Network Defense (CND), and penetration testing
-Ability to develop tools and scripts independently and rapidly from concept to production in a high-stress, short deadline, under-resourced environment using multiple programming languages
-Maintain minimum required professional certifications to meet DoD 8570 requirements (Sec+), to include CEH, CISSP, GPEN, OSCP, or ability to obtain within 6 months of hire
-Experience with at least one of the following scripting languages (PowerShell, Bash, Python, Ruby, Node.js)
group id: 91120692
