Cybersecurity Tester, Lead

Quantico, Virginia, United States
Oct 23, 2018
Nov 01, 2018
IT, QA Engineer
Full Time
Job Description Job Number: R0033261

Cybersecurity Tester, Lead

Key Role:
Manage Red Team operations responsible for reducing Cyber risk by uncovering vulnerabilities and weaknesses in the enterprise Cyber environment through coordinated ethical hacking and penetration testing scenarios. Lead an operational network exploitation and Cyber threat emulation testing team executing numerous Red Team operations per year. Oversee team development of custom malware to support targeted operations. Plan, manage, and help execute sophisticated ethical hacking exercises to identify Cyber vulnerabilities and reduce the risk posture of enterprise systems. Act as an SME to management in network and application security threat, vulnerability, and attack vector areas and guide reporting and remediation. Identify opportunities and create strategies to enhance the information security posture against a broad range of Cyber threats. Work in partnership with architects and developers to identify mitigating controls for vulnerabilities identified across applications and perform security assessments to emulate the tactics, techniques, and procedures of a variety of threats.

Basic Qualifications:
-5+ years of experience with various assessments, including penetration tests of system networks in a DoD network environment
-5+ years of experience with developing exploit codes for network and system penetration testing
-5+ years of experience with developing and maintaining custom applications that exploit known system vulnerabilities or system misconfigurations to gain system command and control during red team operations
-Experience with developing undetected malware for use in Red Team assessments against enterprise-level networks
-Top Secret clearance
-HS diploma or GED
-DoD 8570.01 IAT Level III Certification, including CCNP Security, GCED, CASP, CISSP, or CISA
-DoD 8570.01 IASAE II Certification, including CASP, CISSP, or CSSLP

Additional Qualifications:
-Experience with implementing or assessing compliance with DoD, Department of Navy (DON), or US Marine Corps (USMC) CND policies, regulations, and compliance documents
-Experience in assessing compliance with security controls and DoD Secure Technical Implementation Guidelines (STIG) to support the DoD IA Certification and Accreditation Process (DIACAP) and Risk Management Framework (RMF)
-Experience with supporting local area network and wide area network systems and components in accordance with NIST Special Publication 800-115 Technical Guide to. Information Security Testing and Assessment
-Ability to adhere to project schedule and recommend changes to maintain positive project outcomes, as necessary
-BA or BS degree in IT or CS
-Professional certification in one or more technical fields or computing environment (CEs), including Windows, UNIX, and Red Hat Linux 

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.


Similar jobs