Avionics Penetration Tester - Midlevel

Astrion has an exciting opportunity for an SE-3 Cybersecurity Penetration Tester for the TMAS 2 96 CTG Task Order, supporting the 48 CTS / TGEE. The 48th CTS/Det 1 conducts Cyber Security Test & Evaluation of Embedded Avionics & Weapons Systems for multiple platforms within the Air Force., * Execute test projects and program objectives with various DoD and federal agency customers

• Review technical documentation related to Avionics Embedded Systems and RF datalinks and identify potential design shortfalls that might result in a cybersecurity weakness
• Develop test corpus and test plans to validate the presence of weaknesses
• Analysis data from test events and present this data in a coherent and accurate manner for the customer
• Work with operational testers and pilots to identify vulnerabilities which might affect the cyber resiliency of the platform for a given mission
• Assist with developing cyber contested environments to demonstrate the resiliency of the platform under test

• Technical BS Degree and 3-10 years of applicable experience. Additional experience may be substituted for education.
• Active Secret clearance is required and must be able to obtain/maintain a Top Secret clearance. U.S. Citizenship is required.
• Must have or be able to obtain DOD 8140 IAT Level 3 certification (CASP, CISSP, ISSEP, etc.) within 6 months of hire, and maintain certification throughout employment.

And

• Prior understanding of aircraft avionics navigation, communication, and datalinks is desired (GPS, ACARS, Mode-S, Link-16, and etc.)
• Proficiency in analyzing and/or manipulating avionics communication protocols, such as ARINC 429, MIL-STD-1553.
• Military aircraft operations, maintenance, test or acquisition experience is desired.
• Prior knowledge and applicable experience using various RF testing tools such as HackRF, SDR's, spectrum analyzers, and Wireshark.
• Knowledge of common vulnerabilities and attack vectors in aviation systems, including but not limited to buffer overflows, injection attacks, and protocol manipulation.
• Understanding of aircraft network architectures, including intra-aircraft networks and inter-aircraft networks (e.g., Air Traffic Management Data Link, Aircraft Communications Addressing and Reporting System).
• Understanding of cryptographic principles and their application in aviation security, including key management, encryption algorithms, and digital signatures.

Or

• Familiarity with industry-standard frameworks and methodologies for conducting penetration tests, such as OWASP Testing Guide and NIST SP 800-115
• Knowledge of endpoint security technologies and techniques, such as antivirus, host-based intrusion detection/prevention systems (HIDS/HIPS), and privilege escalation exploits.
• Experience in identifying and exploiting security vulnerabilities in web applications, including injection flaws, cross-site scripting (XSS), and insecure direct object references (IDOR).
• Familiarity with common networking protocols and technologies, such as TCP/IP, DNS, DHCP, VLANs, VPNs, and SSL/TLS.
• Proficiency in conducting vulnerability assessments and penetration tests on network infrastructure, including routers, switches, firewalls, and servers.
• Ability to effectively communicate technical findings and recommendations to both technical and non-technical stakeholders through detailed reports and presentations.
• Prior experience with the use of enterprise penetration test tools. (nmap, Nessus, BurpSuite, Hydra, Metasploit, BloodHound.)
• Continuous learning and staying updated with the latest security trends, vulnerabilities, and attack techniques through self-study, training, and participation in industry conferences and events.
• Experience with python, bash, and PowerShell scripts
• Capable of rewriting preexisting scripts, tools, or exploits to work on target systems.
• Conduct penetration tests on Active Directory environments, leveraging tools like BloodHound and PowerView for reconnaissance and enumeration, to identify vulnerabilities and attack paths.
• Execute advanced attack techniques, including pass-the-hash and golden ticket attacks, to assess the effectiveness of Active Directory security controls and simulate real-world threat scenarios.
• Provide actionable recommendations and remediation strategies to improve the security posture of Active Directory infrastructures, emphasizing best practices such as least privilege principles and strong password policies.
• Demonstrate the ability to complete a CTF if requested, * Bachelor's Degree in either Engineering or Cybersecurity related Discipline desired.
• Active TS/SCI preferred.
• OSCP, CPTS, PNPT certifications desired.
• Prior understanding of aircraft avionics navigation, communication, and datalinks is desired (GPS, ACARS, Mode-S, Link-16, and etc.)