Avionics Penetration Tester - Junior - TGEE

About The Position

Requirements

• Technical BS Degree and 0-3 years of applicable experience. Additional experience may be substituted for education.
• Active Secret clearance is required and must be able to obtain/maintain a Top Secret clearance. U.S. Citizenship.
• Must have or be able to obtain DOD 8570 IAT Level 3 certification (CASP, CISSP, ISSEP, etc.) within 6 months of hire, and maintain certification throughout employment.
• Networking Fundamentals: A solid understanding of the OSI model, TCP/IP, network routing/switching, and common network protocols.
• Computer Architecture: Knowledge of computer and processor architecture, memory management, and familiarity with embedded systems.
• Operating Systems: Experience with Linux-based operating systems (e.g., Kali, Ubuntu) and comfort on the command line.
• Problem-Solving Aptitude: A demonstrated ability to approach complex technical challenges methodically. Experience with Capture The Flag (CTF) events, bug bounties, or personal security research projects is a significant advantage.
• Communication: Exceptional written and verbal skills. You must be able to document your test methodology and translate highly technical findings for non-technical audiences.
• Avionics Datalink Knowledge: Foundational understanding of military and civilian avionics data buses, primarily MIL-STD-1553 and ARINC 429. Familiarity with other protocols like Link 16 or CAN bus is a plus.
• RF Systems Experience: Prior experience with RF theory and hands-on use of test equipment.
• RF Analysis Tools: Spectrum Analyzers, Vector Signal Analyzers, and Network Analyzers.
• RF Generation Tools: Signal Generators and Arbitrary Waveform Generators.
• SDR Platforms: Hands-on use of tools like HackRF, USRP, or similar Software Defined Radios for signal analysis and manipulation.
• Signal Analysis: Experience capturing and analyzing RF signals using tools like Wireshark, GNU Radio, or custom scripts.
• Penetration Testing Tools: Hands-on experience with the tools of the trade. You should be comfortable with:
• Discovery & Enumeration: Nmap, Nessus, and enumeration scripts.
• Exploitation: Metasploit Framework, Burp Suite, Bloodhound, Impacket, and all other standard penetration test tool and C2 frameworks (Mythic C2 and Silver).
• Advanced Scripting & Automation: Strong proficiency in scripting to automate tasks, modify exploits, and create custom tools.
• Python: For tool development and data parsing.
• Bash & PowerShell: For system administration, automation, and command-line operations.
• Exploit Development/Modification: The ability to analyze and rewrite pre-existing scripts, tools, or public exploits to function effectively on unique or constrained target systems.
• Demonstrated proficiency in bypassing modern, layered security defenses (e.g., EDR, advanced firewalls, network traffic analysis) to establish and maintain persistent, C2 (Command and Control) access within a contested network environment.

Nice To Haves

• Active TS/SCI preferred.
• OSCP, CPTS, PNPT certifications desired.
• Prior understanding of aircraft avionics navigation, communication, and datalinks is desired (GPS, ACARS, Mode-S, Link-16, and etc.)
• For Path 1, an understanding of modulation schemes and protocol reverse engineering is highly desired.

Responsibilities

• Execute Full-Spectrum Penetration Tests: Plan and conduct security assessments on advanced avionics, embedded systems, traditional IP systems, and RF datalinks for various DoD and federal customers.
• Become a Systems Expert: Dive deep into technical documentation to uncover design flaws and potential cybersecurity weaknesses before they become a threat.
• Develop Custom Test Plans: Author comprehensive test plans and detailed procedures to validate the cyber resiliency of mission-critical platforms.
• Analyze and Report: Meticulously analyze test data and translate complex technical findings into clear, actionable reports for pilots, engineers, and leadership.
• Collaborate with the Best: Work alongside operational testers and pilots to identify vulnerabilities that could impact real-world missions and help develop cyber-contested environments for resiliency testing.