Job DescriptionRaytheon Intelligence & Space (RIS) - Cybersecurity, Training & Services (CTS) is seeking a cleared Lead Penetration Testerto direct a team in fulfilling a US Federal Agency's mission to ensure security measures and safeguards are in place to thwart threat attacks and prevent unauthorized access.* An active TS/SCI security clearance is required.Work Location:National Capital Region (Rosslyn, VA)Job Description:Leads and conducts network or software vulnerability assessments and Red Team penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Leverage the MITRE ATT&CK framework to develop threat models and methodologies in building operational engagement plans. Create test cases each individual TTP found in ATT&CK as well as custom and more advanced variants to assess the organization's coverage across a spectrum of intrusion sets and scenarios. Develop and use malware, pivoting, escalating privileges to test the organization's security effectivenessJobResponsibilities:Shall perform specific activities that include, but not limited to the following:Develop and maintain a multi-year schedule with resourcing for penetration testing activitiesPlan, communicate, coordinate and perform penetration tests and security assessments at application, system and enterprise terface and coordinate with third party organizations performing penetration testingInterface and coordinate with system owners to establish targets for testing, test schedule, test goals, and rules of engagementDevises plans and scenarios for various types of penetration tests and automate the simulation of tactics, techniques, and procedures used by advanced cyber threat actorsLead and conduct penetration test in accordance with NSA INFOSEC Assessment Methodology (IAM) and INFOSEC Evaluation Methodology (IEM)Manage and perform reconnaissance, threat modeling, vulnerability identification, authorized exploitation, and post-exploitation cleanup activitiesEnsure penetration testing reports includes targets, test plan, scenarios tested, findings, test evidence and recommendations in penetration test report and presents results to customer leadershipConduct management briefings on penetration testing program, metrics, schedule, activities, performance and vulnerability findingsPerform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities Manage and support the development of penetration testing SOPs. Performs off-hours work as necessary.Occasionally travel within CONUS and OCONUS.Required Skills:Skilled in managing diverse workforce, resource assignment, scheduling, metrics and process developmentAbility to assess information of network threats such as scans, computer viruses or complex attacksPerform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilitiesContribute to developing and implementing tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying riskExperienced with penetration testing using standard penetration tools (Metasploit, Nmap, Nessus, Burp Suite, etc.)Experience with SIEMS (such as NetWitness, Splunk, SumoLogic, QRadar)Experience with packet analysis to include: HTTP Headers & Status codes, SMTP Traffic & Status codes, FTP Traffic & Status CodesKnowledge of and practical experience of integration of COTS or open source toolsExcellent written and verbal communication skills Proficiency with MS Office ApplicationsMust be able to work collaboratively across teams and physical locationsWorking knowledge of WAN/LAN concepts and technologiesKnowledge of the following:Operating System HardeningVulnerability Assessment testingIdentification and Authentication schemesPublic Key Infrastructure and Identity ManagementWAN/LAN, firewalls, routers and security appliancesCross Domain SolutionsReverse EngineeringSecurity engineering Cloud and hybrid Cloud environmentMobile technologies Required Certifications:OSCP/E or equivalentDesired Certifications:DODI 8570.1-M Compliance at IAT Level II; CISSP preferredRequired Education:*Bachelor of Science Degree in Cyber Security, Computer Science, Computer Engineering or related field and candidates must have a minimum of 8+ years of relevant work experience. Equivalent education and experience may be considered.Clearance required:*All candidates must have an active TS/SCI security clearance.Business Unit ProfileRaytheon Intelligence & Space delivers the disruptive technologies our customers need to succeed in any domain, against any challenge. A developer of advanced sensors, training, and cyber and software solutions, Raytheon Intelligence & Space provides a decisive advantage to civil, military and commercial customers in more than 40 countries around the world. Headquartered in Arlington, Virginia, the business generated $15 billion in pro forma annual revenue in 2019 and has 39,000 employees worldwide. Raytheon Intelligence & Space is one of four businesses that form Raytheon Technologies Corporation.BusinessIntelligence, Information&Svcs Relocation EligibleNoTalent AreaComputer Engineering, Computer Science, Cyber Jobs, Security, Systems Engineering, TechnicalType Of JobFull TimeJob FunctionInformation Technology Ability to TelecommuteNo telecommuting Clearance TypeTS/SCI - Current US FLSA ClassificationExempt Equal Opportunity/Affirmative Action EmployerRaytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.Work Location:VA - Rosslyn Requisition ID: 178787BRSDL2017