Penetration Tester - Level 1

Bogart Associates is looking for a Level 1 Penetration Tester to join our team! In this role you will be responsible for simulating adversary tactics and working with other threat analyst team members to inform the proactive identification of cyber threats with the goal to prevent and eradicate threats to critical U.S. systems. You will work as part of a team that analyzes disparate data sets to discover and inform cyber operations. This role requires a firm understanding of offensive cyber strategies, adversarial attack methodologies, and defensive strategies.

• Experience working in the areas of intelligence, information security, network forensics, insider threat or security operations.
• Experience in cyber security with a focus on red teaming, penetration testing, or threat hunting
• Strong understanding of network protocols and troubleshooting, server and workstation operating systems, exploits and vulnerabilities, and penetration testing and/or red teaming
• Strong working knowledge of common penetration tools, tactics, techniques, and procedures
• Experience with cloud environments
• Strong understanding of penetration testing methodologies (MITRE ATT&CK, OWASP)
• Ability to research, develop, and maintain knowledge of penetration testing tools, tactics, techniques, and procedures
• Ability to incorporate threat intelligence data into attached or penetration testing scenarios
• Ability to read/write code using interpreted languages (Python, PHP, Ruby, etc.)
• Experience with simulated/emulated environments and/or virtualization technologies
• Experience with orchestration tools and virtualization environments (Docker, Kubernetes, etc.)
• Experience with industrial control systems deployment, security best practices, vulnerabilities, and penetration testing
• Strong knowledge of ICD 503 and the Government's certification and accreditation process
• Knowledge of networks, computer components, system protocols, and COTS technology
• Understanding of system methodologies including client/server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, MAN, LAN, switches, and routers
• Experience with software integration of COTS and Government Off-the-Shelf (GOTS) products
• Experience with Windows, Linux, Unix, and Mac OS X administration
• Experience with VMware, Xen, Hyper V and other virtualization platforms
• Experience with software engineering, program design and implementation, configuration management, system maintenance, integration testing, information system engineering, penetration testing and analysis
• Experience with system certification activities and efforts related to system certification and accreditation
• Research, development, integration, and distribution of information systems security tools and associated documentation
• Security procedures for systems and software within area of expertise to ensure consistent security policy implementation

What Required Skills You'll Bring:

• Active TS/SCI with CI Poly security clearance
• Bachelor's Degree with 0-2 years of relevant experience. Additional education can count in lieu of years of experience, and additional years of experience can count in lieu of a degree.