Today
Secret
IT - Security
Rosslyn, VA (On/Off-Site)
In this role, you will:
Support the Penetration Testing (Red Cell) Team.
Assess the current state of the customer’s system security by identifying all vulnerabilities and security measures.
Help customer perform analysis and mitigation of security vulnerabilities.
Perform and report on penetration testing of systems, including cloud, to satisfy the NIST 800-53 CA-8 security control and using methodologies that may include, NIST SP 800-115, Penetration Testing Execution Standard (PTES), and Information Systems Security Assessment Framework (ISSAF).
Stay abreast of current attack vectors and unique methods for exploitation of computer networks.
Provide support to incident response teams through capability enhancement and reporting.
Assist in maintaining Red Cell infrastructure.
Develop or modify tools that automate discovery or exploitation (e.g. bash, Python, JavaScript, PowerShell).
Required:
Bachelor's degree and 1 year of related experience or additional 4 years may be considered in lieu of the degree requirement.
Basic understanding of networking and security principles.
Experience with evaluating system security configurations.
Understand common Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.
Experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, etc.
Fundamentals of network routing & switching and assessing network device configurations.
Familiarity in evaluating findings and performing root cause analysis.
Demonstrated ability to work alone and/or within a small group.
Must process and maintain ONE of the listed certifications below:
CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, or SCYBER
Support the Penetration Testing (Red Cell) Team.
Assess the current state of the customer’s system security by identifying all vulnerabilities and security measures.
Help customer perform analysis and mitigation of security vulnerabilities.
Perform and report on penetration testing of systems, including cloud, to satisfy the NIST 800-53 CA-8 security control and using methodologies that may include, NIST SP 800-115, Penetration Testing Execution Standard (PTES), and Information Systems Security Assessment Framework (ISSAF).
Stay abreast of current attack vectors and unique methods for exploitation of computer networks.
Provide support to incident response teams through capability enhancement and reporting.
Assist in maintaining Red Cell infrastructure.
Develop or modify tools that automate discovery or exploitation (e.g. bash, Python, JavaScript, PowerShell).
Required:
Bachelor's degree and 1 year of related experience or additional 4 years may be considered in lieu of the degree requirement.
Basic understanding of networking and security principles.
Experience with evaluating system security configurations.
Understand common Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.
Experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, etc.
Fundamentals of network routing & switching and assessing network device configurations.
Familiarity in evaluating findings and performing root cause analysis.
Demonstrated ability to work alone and/or within a small group.
Must process and maintain ONE of the listed certifications below:
CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, or SCYBER
group id: 10176392
