Posted today
Top Secret/SCI
Unspecified
CI Polygraph
IT - QA and Test
Reston, VA (On-Site/Office)
Position Title: Penetration Tester
Clearance Requirements: TS/SCI with CI Polygraph. Investigation or CV date within 5 years.
Duties
Qualified candidate will perform multi-discipline penetration testing of customer systems and global networks, rapid development of domain or problem-specific tools that leverage identified vulnerabilities, and research on the latest exploitation techniques and threat vectors in support of authorized missions and test events.
Requirements
Qualifications
Clearance Requirements: TS/SCI with CI Polygraph. Investigation or CV date within 5 years.
Duties
Qualified candidate will perform multi-discipline penetration testing of customer systems and global networks, rapid development of domain or problem-specific tools that leverage identified vulnerabilities, and research on the latest exploitation techniques and threat vectors in support of authorized missions and test events.
Requirements
- Hold or eligible for Top Secret/SCI security clearance with CI polygraph.
- Professional certifications to meet DoD 8570 IAT II requirements.
- Specialized penetration testing focused certification (CEH, Pentest+, GPEN, OSCP, etc.)
- Experience with at least one of the following scripting languages (PowerShell, Bash, Python, Ruby, Node.js)
Qualifications
- Experience performing web application security assessments.
- Experience with TCP/IP protocols as it relates to network security.
- Experience with offensive tool sets including Kali Linux, Metasploit, CobaltStrike, Intercepting Proxies, etc.
- Experience in using network protocol analyzers and sniffers, as well as ability to decipher packet captures.
- Capable of conducting penetration tests on applications, systems and network utilizing proven/formal processes and industry standards.
- Perform penetration tests on computer systems, networks, and applications.
- Create new testing methods to identify vulnerabilities.
- Perform physical security assessments of systems, servers, and other network devices to identify areas that require physical protection.
- Pinpoint methods and entry points an attacker may use to exploit vulnerabilities or weaknesses.
- Search for weaknesses in common software, web applications and proprietary systems.
- Research, evaluate, document, and discuss findings with IT teams and management.
- Review and provide feedback for information security fixes.
- Establish improvements for existing security services, including hardware, software, policies, and procedures.
- Identify areas where improvement is needed in security education and awareness for users.
- Be sensitive to corporate considerations when performing testing (i.e., minimizing downtime and loss of employee productivity)
- Knowledgeable of the latest malware and security threats.
- In depth understanding of emerging threats, vulnerabilities, and exploits.
group id: 91111960
N
