Penetration Tester

Leidos•Huntsville, AL

2d•Onsite

About The Position

Leidos has a new and exciting opportunity for a Penetration Tester in our National Security Sector's (NSS) Cyber & Analytics Business Area (CABA) . Our talented team is at the forefront in Security Engineering, Computer Network Operations (CNO), Mission Software, Analytical Methods and Modeling, Signals Intelligence (SIGINT), and Cryptographic Key Management. At Leidos , we offer competitive benefits , including Paid Time Off, 11 paid Holidays, 401K with a 6% company match and immediate vesting, Flexible Schedules, Discounted Stock Purchase Plans, Technical Upskilling, Education and Training Support, Parental Paid Leave, and much more. Join us and make a difference in National Security! Primary Responsibilities: This is a full-time position with the Leidos office in Huntsville, AL. The position consists of performing live penetration tests for customers and performing deep-dive preparatory analysis for any system under test. The position also includes recommending specific mitigation strategies to the customer for discovered vulnerabilities, and testing at multiple stages of the system development/acquisition lifecycle. This also includes tool development for use in stand-alone and network-connected systems. The position is responsible for ensuring survivability and resiliency of customer systems under test, and timely delivery of development updates and after-action reports after each red-team activity.

Requirements

Bachelor’s degree in Cyber Security, Computer Science, Computer Engineering, Electrical Engineering, or related Technical Degree and 2+ years of experience in penetration testing/red teams or related security field. Or a Master's degree and with some experience. Will consider work experience in lieu of a degree
Must be knowledgeable Linux (preferably Kali, Parrot, or similar distros) and Windows Operating systems
Experience with using scripting languages such as Bash or Python
A background in computer security, including forensics, systems analysis, and more
Strong problem solving skills
Candidate must have an active Secret clearance and must be willing to get a TS/SCI clearance to be considered

Nice To Haves

Prior training/experience in conducting penetration tests, reverse engineering, and/or system analysis
Strong communication skills for documenting and relaying findings to customers
Strong understanding of TCP/IP network architecture.
Experience with developing exploits using scripting languages such as bash, python, etc
Experience with scanning/analysis tools (nmap, nikto, Tenable Nessus, etc)
Experience with exploitation tools (Metasploit, Cobalt Strike, etc)
Completion or work towards PenTest+, Security+, CySA+, CEH, OSCP or similar technical certification

Responsibilities

Performing live penetration tests for customers
Performing deep-dive preparatory analysis for any system under test
Recommending specific mitigation strategies to the customer for discovered vulnerabilities
Testing at multiple stages of the system development/acquisition lifecycle
Tool development for use in stand-alone and network-connected systems
Ensuring survivability and resiliency of customer systems under test
Timely delivery of development updates and after-action reports after each red-team activity