JR CYBER PENETRATION TESTER / SECRET
Role details
Job location
Tech stack
Job description
Encompasses technical, engineering, data analytics, cyber security, management, operational, logistical, and administrative support for Bureau of Diplomatic Security, Cyber and Technology Security Directorate in three key offices/functional areas: Cyber Monitoring and Operations, Cyber Threat and Investigations, and Technology Innovation and Engineering State., This Federal Strategic Cyber program encompasses technical, engineering, data analytics, cyber security, management, operational, logistical and administrative support to aid and advise the Cyber & Technology Security (CTS) Directorate. This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices all while identifying and responding to cyber risks and threats. In this role, you will:
- Support the Penetration Testing (Red Cell) Team.
- Assess the current state of the customer's system security by identifying all vulnerabilities and security measures.
- Help customer perform analysis and mitigation of security vulnerabilities.
- Perform and report on penetration testing of systems, including cloud, to satisfy the NIST 800-53 CA-8 security control and using methodologies that may include, NIST SP 800-115, Penetration Testing Execution Standard (PTES), and Information Systems Security Assessment Framework (ISSAF).
- Stay abreast of current attack vectors and unique methods for exploitation of computer networks.
- Provide support to incident response teams through capability enhancement and reporting.
- Assist in maintaining Red Cell infrastructure.
- Develop or modify tools that automate discovery or exploitation (e.g. bash, Python, JavaScript, PowerShell).
Requirements
Required: LU
- Bachelor's degree and 1 year of related experience or an additional 4 years may be considered in lieu of the degree requirement.
- Basic understanding of networking and security principles.
- Experience with evaluating system security configurations.
- Understand common Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.
- Experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, etc.
- Fundamentals of network routing & switching and assessing network device configurations.
- Familiarity in evaluating findings and performing root cause analysis.
- Demonstrated ability to work alone and/or within a small group.
- Either possess or obtain prior to start date ONE of the following certifications:
- CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, or SCYBER
- U.S. citizenship required.
- Active Secret security clearance.
Preferred:
- Active Top Secret or TS/SCI.
Benefits & conditions
Pulled from the full job description
- Parental leave
- 401(k)
- Health insurance
- Paid time off
- Vision insurance
- Health savings account
- Dental insurance, Target Salary Range: $66,000 - $106,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at https://www.careers.peraton.com/benefits.