Penetration Testing Manager

Centurion Consulting Group, LLC
Germantown, MD
May 14, 2022
May 17, 2022
Full Time
We are hiring a Penetration Testing Manager who will support operations for the National Nuclear Security Administration (NNSA) Office of the Chief Information Officer (OCIO). The successful candidate's responsibilities in these areas will extend to the global NNSA environment, and you will work with cross-functional teams to proactively improve the security posture. Your responsibilities in penetration testing will extend to the identification of exploitable vulnerabilities within the environment. You will additionally lead a team performing red teaming activities, including creation of product kill chain narratives, attack analysis, identification of vulnerabilities, knowledge transfer of attack methodologies and Zero Days, and production of post-mortem data to inform the defense team. Your responsibilities with respect to vulnerability management services will include managing a vulnerability data repository, managing vulnerability scanning and reporting, and vulnerability analysis and remediation recommendations. This role will also be responsible for managing security tools and technologies that support the vulnerability management program and performing static and dynamic code analysis. You will also lead a team performing product-specific assessments of NNSA systems in production as well as those under development. The preferred candidate will be responsible for leading these efforts in collaboration with the OCIO for the enterprise environment. The candidate must have expert skills in conducting technical analysis of security and business problems, as well as threats, incidents, investigations, workforce protection, and other general security-related issues.
The candidate must also effectively communicate, motivate, and lead cross-functional and individual contributor teams independently, participate in coordinating response and defensive actions over a variety of security disciplines, and disseminate technical information as appropriate in support of NNSA's critical business and operational infrastructure needs.

Basic qualifications:
US Citizenship
Active DOE Q or TS/SCI clearance
DoD 8570 IAT or IAM Level III certification
OSCP Certification
Bachelor's degree in a cyber related discipline and 7-10 years of prior relevant work experience within IT/Cybersecurity
Excellent communication skills with all levels of stakeholders
Experience with one or more programming/scripting languages (e.g., C++, Perl, Java, Python, etc.)
Experience in Red Teaming, Penetration Testing, Vulnerability Discovery, and Product Testing
Ability to communicate technical concepts to a broad range of technical and non-technical staff
Perform the discovery and exploitation of vulnerabilities within the environment
Provide recommendations, remediation and/or mitigations of vulnerabilities discovered within the network
Develop tactics, techniques and procedures (TTPs) to combat newly discovered threats

Preferred Qualifications:
CISSP Certification or ability to obtain within 6 months of start
DOE and/or NNSA site experience strongly preferred
Knowledge of and familiarity with the fundamentals of agile project management
Knowledge of DOE and/or NNSA security policies and procedures
Experience working in both Classified and Unclassified operations
Experience working within Security Operation Center (SOC) environments
Security hardening scripting/automation experience
Knowledge of and/or experience with SD 205.1
Travel up to 10%
Located full time in Germantown, MD

Position Details:
Clearance: Current and Active TS/SCI or Q Clearance
US Citizenship is required
Travel:

Centurion Consulting Group, LLC is an Equal Opportunity Employer EOE M/F/D/V
No third parties or subcontractors
