Penetration Tester (Pen Tester), Level 3 (Senior)

Overview

Arcfield was purpose-built to protect the nation and its allies through innovations in digital transformation, space mission engineering and launch assurance, miniaturized sensors and satellites, advanced modeling and simulation, cybersecurity, and conventional and hypersonic missile support. Headquartered in Chantilly, VA with 16 global offices, Arcfield employs more than 1,500 engineers, analysts, IT specialists, and other professionals with more than 60 years of collective proven experience supporting missions in cyber and space defense, space exploration, hypersonic and nuclear deterrence and warfighter readiness. Visit arcfield.com for more details.

Responsibilities

Arcfield's Cyber programs are expanding and currently in need of Penetration Tester (Pen Tester), Level 3 (Senior) professionals to review and evaluate customer Information Systems (IS) and recommend changes to the Government that can improve information confidentiality, integrity, and availability. Note: An offer for this position is contingent upon contract award.

Responsibilities include, but are not limited to the following:

• Conduct basic reconnaissance and vulnerability scanning using established methodologies
• Identify, document, and report common vulnerabilities that could be exploited
• Perform security-focused services to improve the security posture of customer Information Systems
• Execute active and passive penetration testing capabilities on customer IT assets, as per government policy and direction
• Document findings in detailed reports for inclusion in Security Assessment Reports (SARs)
• Support Risk Management Framework (RMF) Steps 4 and 6 processes
• Review and write Information System Accreditation Packages (ISAPs) and Technical Information System Security Requirements (TISSRs)
• Conduct approved testing and write reports following government-approved templates
• Complete ISAP/TISSR reports within 30 calendar days of on-site assessment completion
• Maintain and update report templates with government approval
• Demonstrate basic scripting abilities and understanding of network fundamentals
• Proficiently use vulnerability scanning tools
• Adhere to rules of engagement agreements between COMM Pen Testers and customer Program ISO
• Collaborate with Program Offices to determine the scope and depth of Information System testing

Qualifications

Required:

• BS 5-7 Years, MS 3-5, PhD 0-2 (Bachelor/STEM)
• Must possess and have the ability maintain a TS/SCI w Poly
• 4 yrs-Relevant experience
• Certifications:
  • GCIH
  • GPEN
  • PenTest+
• Scripting abilities
• Understanding of network fundamentals
• Understanding of vulnerability scanning tools
• Expertise in Network protocols
• Expertise in Application security
• Expertise in Social engineering
• Expertise in Advanced scripting
• Extensive knowledge of Cybersecurity frameworks
• Extensive knowledge of Industry standards
• Extensive knowledge of Advanced security tools

EEO Statement

We are an equal opportunity employer and federal government contractor. We do not discriminate against any employee or applicant for employment as protected by law.