Job ID 178787BR Most Recent Date Posted 07/17/2021 City Rosslyn State VA Country United States Raytheon Intelligence & Space (RIS) - Cybersecurity, Training & Services (CTS) is seeking a cleared Lead Penetration Testerto direct a team in fulfilling a US Federal Agency's mission to ensure security measures and safeguards are in place to thwart threat attacks and prevent unauthorized access. An active TS/SCI security clearance is required. Work Location: National Capital Region (Rosslyn, VA) Job Description: Leads and conducts network or software vulnerability assessments and Red Team penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Leverage the MITRE ATT&CK framework to develop threat models and methodologies in building operational engagement plans. Create test cases each individual TTP found in ATT&CK as well as custom and more advanced variants to assess the organization's coverage across a spectrum of intrusion sets and scenarios. Develop and use malware, pivoting, escalating privileges to test the organization's security effectiveness Job Responsibilities: Shall perform specific activities that include, but not limited to the following: Develop and maintain a multi-year schedule with resourcing for penetration testing activities Plan, communicate, coordinate and perform penetration tests and security assessments at application, system and enterprise levels. Interface and coordinate with third party organizations performing penetration testing Interface and coordinate with system owners to establish targets for testing, test schedule, test goals, and rules of engagement Devises plans and scenarios for various types of penetration tests and automate the simulation of tactics, techniques, and procedures used by advanced cyber threat actors Lead and conduct penetration test in accordance with NSA INFOSEC Assessment Methodology (IAM) and INFOSEC Evaluation Methodology (IEM) Manage and perform reconnaissance, threat modeling, vulnerability identification, authorized exploitation, and post-exploitation cleanup activities Ensure penetration testing reports includes targets, test plan, scenarios tested, findings, test evidence and recommendations in penetration test report and presents results to customer leadership Conduct management briefings on penetration testing program, metrics, schedule, activities, performance and vulnerability findings Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities Manage and support the development of penetration testing SOPs. Performs off-hours work as necessary. Occasionally travel within CONUS and OCONUS. Required Skills: Skilled in managing diverse workforce, resource assignment, scheduling, metrics and process development Ability to assess information of network threats such as scans, computer viruses or complex attacks Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities Contribute to developing and implementing tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying risk Experienced with penetration testing using standard penetration tools (Metasploit, Nmap, Nessus, Burp Suite, etc.) Experience with SIEMS (such as NetWitness, Splunk, SumoLogic, QRadar) Experience with packet analysis to include: HTTP Headers & Status codes, SMTP Traffic & Status codes, FTP Traffic & Status Codes Knowledge of and practical experience of integration of COTS or open source tools Excellent written and verbal communication skills Proficiency with MS Office Applications Must be able to work collaboratively across teams and physical locations Working knowledge of WAN/LAN concepts and technologies Knowledge of the following: Operating System Hardening Vulnerability Assessment testing Identification and Authentication schemes Public Key Infrastructure and Identity Management WAN/LAN, firewalls, routers and security appliances Cross Domain Solutions Reverse Engineering Security engineering Cloud and hybrid Cloud environment Mobile technologies Required Certifications: OSCP/E or equivalent Desired Certifications: DODI 8570.1-M Compliance at IAT Level II; CISSP preferred Required Education: Bachelor of Science Degree in Cyber Security, Computer Science, Computer Engineering or related field and candidates must have a minimum of 8+ years of relevant work experience. Equivalent education and experience may be considered. Clearance required: All candidates must have an active TS/SCI security clearance. 178787 Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.