Job description
Seeking a penetration tester for an Intelligence Community (IC) customer mission system. The successful candidate will perform vulnerability assessments and penetration testing following the customer’s prescribed scope statement with authorities derived from the customer’s Enterprise cyber security organization. The ideal candidate must display familiarity with Windows and Linux Mobile operating systems and be able to conduct network and security vulnerability analysis. Specifically, the candidate will analyze mission systems to help assess vulnerability to compromise from adversaries. The successful candidate must have prior experience with scope defined penetration testing using mainly open-source tools.
- Penetrate desktops, servers, applications, operating systems, and security systems to gain root/admin access
- Provide black-box penetration testing utilizing tools and techniques to conduct cybersecurity evaluations for highly specialized network communication systems
- Modify open-source exploits to bypass/evade antivirus, firewalls, hardened systems, and IDS/IPS systems
- Modify computer/system/network attacks, exploits, and Metasploit modules to create variations that evade detection
- Perform reconnaissance, privilege escalation persistence, lateral movement, and payload generation for multiple targets
- Hide digital artifacts and communications to evade antivirus, firewalls, IDS/IPS systems, Wireshark, and tcpdump
- Work independently to analyze, research, and solve technical problems
- Leverage existing business processes and document new repeatable business processes and procedures where necessary
- Research external information on cybersecurity events, incidents, threats, and technical vulnerabilities
Required Qualifications
- Bachelor’s degree (or equivalent) in Cybersecurity, Information Security, IT, Computer Engineering, Network Engineering, Computer Science, or Computer Forensics
- Demonstrated 11 years experience in three or more specific areas to include: analysis, network engineering, networking security, technical collection, penetration testing, red teaming, hardware engineering, software reverse engineering, and computer exploitation.
- Proven proficiency with at least three (3) or more of the following: mobile security, telecom protocols, operating systems (Windows, iOS, Android, or Linux), software reverse engineering, forensics, network analysis, vulnerability assessment or malware forensics.
- Demonstrated working knowledge of software development and some demonstrated proficiency in scripting and/or programming languages and database development
- Proven ability to research and analyze data from a variety of sources and to present findings in clear and concise written reports
- Experience with Kali Linux and Metasploit tools
- Experience with programming/scripting: Python, Powershell, Ruby, C, JavaScript, etc
Desired:
- MS degree in Computer Science, Engineering, Computer Forensics, Network Security, or equivalent technical experience
- 4 years of exploit development, computer/network security, or network traffic analysis using analytical tools
- Expert knowledge of networking components/devices and various OS/applications in Linux and Windows environments
- At least one of the following certifications: CISSP, OSCP, CEH, CEPT, GPEN, EnCE, GASF, GSFE, or BLCE
gatheringourvoice.org is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, gatheringourvoice.org provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, gatheringourvoice.org is the ideal place to find your next job.