ASEC3

ADVANCED STRATEGIC ENTERPRISE CONCEPTS

Senior Penetration Tester (2020-10000-2486)

Overview

The Penetration Tester will support an Intelligence Community (IC) customer mission system performing vulnerability assessments and penetration testing following the customer’s prescribed scope statement with authorities derived from the customer’s Enterprise cyber security organization. The ideal candidate must display familiarity with Windows and Linux Mobile operating systems and be able to conduct network and security vulnerability analysis. Specifically, the candidate will analyze mission systems to help assess vulnerability to compromise from adversaries. The successful candidate must have prior experience with scope defined penetration testing using mainly open source tools.

Candidates must already possess a current and active TS/SCI with Poly clearance to be considered for this position.

Responsibilities

  • Penetrate desktops, servers, applications, operating systems, and security systems to gain root/admin access
  • Provide black-box penetration testing utilizing tools and techniques to conduct cybersecurity evaluations for highly specialized network communication systems
  • Modify open source exploits to bypass/evade antivirus, firewalls, hardened systems, and IDS/IPS systems
  • Modify computer/system/network attacks, exploits, and Metasploit modules to create variations that evade detection
  • Perform reconnaissance, privilege escalation persistence, lateral movement, and payload generation for multiple targets
  • Hide digital artifacts and communications to evade antivirus, firewalls, IDS/IPS systems, Wireshark, and tcpdump
  • Work independently to analyze, research, and solve technical problems
  • Leverage existing business processes and document new repeatable business processes and procedures where necessary

Qualifications

Required:

  • Experience with Kali Linux and Metasploit tools
  • Experience with programming/scripting: Python, Powershell, Ruby, C, JavaScript, etc
  • Strong written and verbal communication skills, including ability to explain complex technical topics to non-technical audiences

Desired:

  • MS degree in Computer Science, Engineering, Computer Forensics, Network Security, or equivalent technical experience
  • 4 years of exploit development, computer/network security, or network traffic analysis using analytical tools
  • Expert knowledge of networking components/devices and various OS/applications in Linux and Windows environments
  • At least one of the following certifications: CISSP, OSCP, CEH, CEPT, GPEN, EnCE, GASF, GSFE, or BLCE

Education

  • BS degree in Cybersecurity, Information Security, Information Technology, Computer Science/Engineering, Network Engineering, or Computer Forensics with 6-8 (Senior) or 11+(Expert) years of experience

 
We are an Equal Opportunity/Affirmative Action Employer.

We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law. Equal Opportunity Employer Minorities/Women/Vets/Disabled.

Apply Online:

Fields with (*) are mandatory.