Junior Penetration Tester

About The Position

Requirements

• 3+ years’ experience in three or more specific areas including intelligence analysis, network engineering, networking security, penetration testing, red team operations, hardware engineering, software engineering, exploit development, reverse engineering, vulnerability assessment, physical security assessments, social engineering.
• Strong knowledge of testing simulated intrusion attempts and physical penetration testing.
• Proficiency in the testing and assessment of mobile operating systems, embedded systems and/or IoT devices.
• Familiarity with unmanned aerial vehicles and associated mobile and wireless technologies.
• Proficiency of various operating systems: Windows, iOS, Android, Mac or Linux.
• Proficiency with cloud technology and deployments: Amazon Web Services, Microsoft Azure, Google Cloud Platform.
• Moderate competency in at least one scripting and/or coding language.
• Working knowledge of software development, with preference for experience working around software development teams and efforts.
• Experience in network analysis methodologies.
• Experience in drafting reports, documenting case details, and summarizing findings and recommendations based on system analysis.
• Demonstrated strong written and verbal communication skills.
• BS (or equivalent) in Cybersecurity, Information Security, IT, EE, Network Engineering, Computer Science, or related field.
• Willingness to travel.
• US Citizenship and an active Top Secret/SCI security clearance required.

Nice To Haves

• Familiarity with container technologies to include container orchestration and microservices.
• Experience with DevSecOps and adjacent tools; strong preference for experience with Kubernetes, software development pipelines.
• Security Certification: CEH, OSCP, PNPT or similar security/pentesting certs.
• Experience employing advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis.
• Experience in performing post-incident computer forensics without destruction of critical data.
• Desired experience ensuring quality assurance and the spreading of best practices.
• MS degree in technical field.
• Security+ Certification.

Responsibilities

• Plan and perform continuous cross-domain vulnerability assessments.
• Conduct full-scale penetration testing and red team operations.
• Lead the technical aspect of specific, long-term penetration testing efforts.
• Conduct varied testing efforts against applications and networks for the federal government.
• Develop a continuous campaign-based assessment that emulates the target’s real-world adversaries.
• Integrate into ongoing testing efforts, requiring subject matter expertise in multiple disciplines of vulnerability testing and assessment.
• Interact and liaison directly with clients.
• Write and document findings.
• Occasional travel for onsite testing.