Pen Test Operator

Guidehouse-posted 5 months ago
$113,000 - $188,000/Yr
Full-time • Mid Level
Beltsville, MD
5,001-10,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

This position is expected to conduct penetration testing activities on High Value Asset (HVA) systems owned and operated by federal civilian agencies. This position requires experience in providing penetration testing services using a variety of tactics, techniques, and procedures to identify exploitable vulnerabilities in networks and systems. They will also measure compliance with organizational security policies, test whether staff are aware of security issues and ultimately determine the organization’s risk to cybersecurity threats.

  • Performing network mapping and reconnaissance, documenting Rules of Engagement to guide the scope, developing test plan, and assisting with acquiring management approval.
  • External Testing: Conducting a variety of penetration tests based on system’s criticality, test objectives, and organization’s requirements to include: Working with IT personnel to define scope for targeted testing; and Mimicking an outside attacker to gain access to system and what information can be accessed.
  • Internal Testing: Mimicking an outside an insider attack to determine risk employees with various access levels pose to the organization.
  • Red Team Testing: Focusing testing activity towards accessing specific target datasets. Testing methodology should include crafted e-mails, custom public websites, exploit code, and social engineering.
  • Analyzing test results, developing a report on discovered vulnerabilities, and providing risk-based recommendations to remediate those vulnerabilities.
  • An ACTIVE and MAINTAINED "SECRET" Federal or DoD security clearance
  • Bachelor’s degree
  • Minimum THREE (3) years’ experience relevant to Penetration Testing or IT Systems Configuration or Risk and Vulnerability Assessment or Cybersecurity and/or IT Technology Consulting
  • An ACTIVE and MAINTAINED "TOP SECRET" Federal or DoD security clearance
  • Master's Degree
  • CISA AES HVA Assessment certification with proof of certification as a CISA-AES HVA Pen Test Operator.
  • Experience supporting US government cybersecurity programs.
  • CISSP or CISM.
  • Experience managing direct client engagement team to deliver impactful support to Federal clients.
  • Experience with managing/supporting and/or knowledge of cybersecurity or HVA Program.
  • One of the following certifications: Offensive Security Certified Professional (OSCP) or GIAC Penetration Tester (GPEN) or Certified Ethical Hacker (CEH) Certification.
  • Experience conducting HVA assessment or performing Risk and Vulnerability Assessments.
  • Knowledge of Cybersecurity Framework, Risk Management, NIST 800-83 Rev 5.
  • Experience developing and maintaining working relationships while serving Federal clients onsite.
  • Ability to identify obstacles and opportunities that impact the success of plans or initiatives.
  • Excellent oral and written communication and presentation skills.
  • Ability to communicate effectively and demonstrate leadership when interacting with clients and fellow team members.
  • Medical, Rx, Dental & Vision Insurance
  • Personal and Family Sick Time & Company Paid Holidays
  • Position may be eligible for a discretionary variable incentive bonus
  • Parental Leave and Adoption Assistance
  • 401(k) Retirement Plan
  • Basic Life & Supplemental Life
  • Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
  • Short-Term & Long-Term Disability
  • Student Loan PayDown
  • Tuition Reimbursement, Personal Development & Learning Opportunities
  • Skills Development & Certifications
  • Employee Referral Program
  • Corporate Sponsored Events & Community Outreach
  • Emergency Back-Up Childcare Program
  • Mobility Stipend
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Manual Tester Resume Examples
Manual Tester Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service