Seeking a penetration tester for an Intelligence Community (IC) customer mission system. The successful candidate will perform vulnerability assessments and penetration testing following the customer’s prescribed scope statement with authorities derived from the customer’s Enterprise cyber security organization. The ideal candidate must display familiarity with Windows and Linux Mobile operating systems and be able to conduct network and security vulnerability analysis. Specifically, the candidate will analyze mission systems to help assess vulnerability to compromise from adversaries. The successful candidate must have prior experience with scope defined penetration testing using mainly open-source tools.

• Penetrate desktops, servers, applications, operating systems, and security systems to gain root/admin access
• Provide black-box penetration testing utilizing tools and techniques to conduct cybersecurity evaluations for highly specialized network communication systems
• Modify open-source exploits to bypass/evade antivirus, firewalls, hardened systems, and IDS/IPS systems
• Modify computer/system/network attacks, exploits, and Metasploit modules to create variations that evade detection
• Perform reconnaissance, privilege escalation persistence, lateral movement, and payload generation for multiple targets
• Hide digital artifacts and communications to evade antivirus, firewalls, IDS/IPS systems, Wireshark, and tcpdump
• Work independently to analyze, research, and solve technical problems
• Leverage existing business processes and document new repeatable business processes and procedures where necessary
• Research external information on cybersecurity events, incidents, threats, and technical vulnerabilities

Required Qualifications

• Bachelor’s degree (or equivalent) in Cybersecurity, Information Security, IT, Computer Engineering, Network Engineering, Computer Science, or Computer Forensics
• Demonstrated 11 years experience in three or more specific areas to include: analysis, network engineering, networking security, technical collection, penetration testing, red teaming, hardware engineering, software reverse engineering, and computer exploitation.
• Proven proficiency with at least three (3) or more of the following: mobile security, telecom protocols, operating systems (Windows, iOS, Android, or Linux), software reverse engineering, forensics, network analysis, vulnerability assessment or malware forensics.
• Demonstrated working knowledge of software development and some demonstrated proficiency in scripting and/or programming languages and database development
• Proven ability to research and analyze data from a variety of sources and to present findings in clear and concise written reports
• Experience with Kali Linux and Metasploit tools
• Experience with programming/scripting: Python, Powershell, Ruby, C, JavaScript, etc

Desired:

• MS degree in Computer Science, Engineering, Computer Forensics, Network Security, or equivalent technical experience
• 4 years of exploit development, computer/network security, or network traffic analysis using analytical tools
• Expert knowledge of networking components/devices and various OS/applications in Linux and Windows environments
• At least one of the following certifications: CISSP, OSCP, CEH, CEPT, GPEN, EnCE, GASF, GSFE, or BLCE