CND – Penetration Tester – Multiple Openings

Website Applied Network Solutions, Inc.

Clearance:

TS/SCI

 

Description:

Responsible for conducting a holistic evaluation of a system or application; analyzing, evaluating and identifying vulnerabilities and zero days and developing exploits to take advantage of these identified security flaws. Conducting penetration testing, reverse engineering and development of code/scripts to leverage attack vectors; conduct vulnerability and compliance assessments on Windows and UNIX/Linux hosts; identifying vulnerabilities, analyzing results, manually verifying findings to eliminate false positives or negatives, and capturing artifacts to provide evidence of exploitable vulnerability

 

Responsibilities

  • Utilize intimate familiarity with operating from the UNIX/Linux command line.
  • Successfully execute network mapping to identify live hosts and active ports, protocols and services (PPS) and analyze the results of NMAP data to identify risky PPS.
  • Conduct vulnerability and compliance assessments on AF/DoD systems for Cyber Vulnerability Assessments (CVA); upon demonstrated ability and customer acceptance, conduct penetration test activities; familiarity with Wireshark/TCP Dump and common network vulnerability and compliance scanners such as Nessus, Nexpose, SCAP Compliance Checker, etc., beneficial.
  • Methodically analyze problems, identify solutions and remain composed in potentially stressful situations.
  • Adequately explain, present, demonstrate [when applicable] and document the operational impact of a particular vulnerability.
  • Assist customer with implementing policies and tactics, techniques and procedures for conducting assessments.
  • Exhibit good writing and communications skills, to include the ability to render concise reports, summaries and formal oral presentations.
  • Understand and be proficient in common cyber threat terminology, methodologies, possess basic understanding of cyber incident and response, and related current events.

 

Qualifications

  • Must have an active TS/SCI clearance.
  • Must possess or be willing to obtain a DoD 8570 IAT Level 3 (CISSP, CASP, etc.) certification and a penetration test certification (i.e., GPEN, GXPN, GWAPT) within 6 months.
  • Minimum Bachelor’s degree and 2 years’ experience; Associates degree with 4 years’ experience or 6 years equivalent experience without a degree; degrees focused on engineering or applied science.
  • Experience in working with and in a network systems security environment with a focus on security and information assurance (5 years).
  • Must have thorough knowledge of common network ports and protocols.
  • Strong knowledge of Windows® Internals, Windows® Application Programming Interfaces (API), Portable Executable (PE) formats, Windows® Registry, and security models.
  • Experience with Bash and Power Shell.
  • Experience in one of the following scripting languages: Perl, Python or Ruby is required.
Upload your CV/resume or any other relevant file. Max. file size: 99 MB.

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt

Start typing and press Enter to search