Jobs
>
Beltsville

    Penetration Tester - Beltsville, United States - SAIC

    SAIC
    SAIC Beltsville, United States

    3 weeks ago

    Default job background
    Description
    SAIC is seeking a highly motivated Penetration Tester.

    The successful candidate will provide support to the Cybersecurity Integrity Center (CIC) in the Department of State Bureau of Information Resource Management (IRM).

    Duties are in the Washington, D.C. metropolitan area (30% in downtown D.C; 70% in Beltsville, MD.

    The CIC supports cybersecurity monitoring, threat analysis, incident response, and infrastructure remediation within and across all of the State Department's information technology (IT) infrastructure.

    The CIC coordinates and collaborates with other State Department bureaus as well as other organizations within the Federal Government, and commercial partners.

    The position allows hybrid remote work. Team is currently reporting onsite 3 days per week or more as needed.

    Description of Duties


    The Penetration Tester will provide support for HVA Assessments using methodology by Cybersecurity and Infrastructure Security Agency (CISA) Assessment Evaluation and Standardization (AES) program with broad and in-depth knowledge to conduct offensive cyber operations across the organization globally.

    In this role, you will conduct offensive security operations to emulate adversary tactics and procedures to test preventative, detective, and response controls across the global technology landscape.


    The Penetration Tester will:


    Conduct highly complex offensive security operations testing consistent with known adversary tactics techniques and procedures and contribute to the development of objectives and approaches taken to remediate risk.


    Apply sound technical and management principles to identify and remediate cybersecurity vulnerabilities across the State Department global IT enterprise infrastructure.

    Apply organizational and process change principals.

    Evaluate system performance results, perform risk assessments, and evaluate performance metrics.


    Responsibilities include:
    Provide ad-hoc penetration testing and assessment services on Department of State systems identified by the leadership.

    Develop, Identify and resolve security vulnerabilities related to deployment and testing processes.

    Streamline and optimize processes and procedures in order to rapidly remediate vulnerabilities from cybersecurity threats.

    Collaborate with Department and external cyber stakeholders on cybersecurity technology implementations to meet specific operational needs.

    Perform technical evaluations of recommended vulnerability mitigation actions and make recommendations based on impact and/or other countermeasures.

    Develop strategies for CIC cyber defense technologies, ensuring integration and alignment for continued operation.


    Conduct assessments of threats and vulnerabilities; determine deviations from acceptable configurations, enterprise, or local policy; assess the level of risk; and develop and/or recommend appropriate mitigation countermeasures in operational and non-operational situations.


    Network Mapping include but are not limited to a network map of the organization's system that includes a visual representation of the organization's physical devices and digital network.


    Perform operation and maintenance activities in support of existing CIC cyber tools and technologies (MSV, Qualys, Tenable Nessus and others).

    Identify, diagnose, and prioritize anomalies in cyber defense infrastructure and resources.

    Perform cybersecurity testing of developed applications and/or systems.

    Identify and direct the remediation of technical problems encountered during testing and implementation of new systems.


    Document security issues and impacts identified through offensive operations in a clear and concise manner to facilitate reporting to impacted stakeholders.

    Provide guidance and recommendations to stakeholders responsible for security remediation actions to close identified gaps and remediation validation testing.

    Independently handle complex issues with minimal supervision, while escalating only the most complex issues to appropriate staff.

    Qualifications

    Required Education & Experience

    Bachelor's and five (5) years or more experience; Master's and three (3) years or more experience.

    A degree in Cybersecurity or related field.

    4-6+ years penetration testing experience.

    Web application penetration testing, LPT, Source code vulnerability analysis, serious problem-solving skills experience.

    All penetration testers/operators must be DHS/CISA AES qualified within 90 days of onboarding.

    Required Clearance

    US Citizenship.

    Active Top Secret Clearance

    Desired


    4 years Microsoft Operating Systems (OS) engineering and support experience focusing on Active Directory (AD), System Center Configuration Manager (SCCM), System Center Operations Manager (SCOM).

    4-6 years Network penetration testing experience.

    In-depth experience in planning, implementing, and managing large/global enterprise infrastructures.

    Familiarity of various analytical tools (Splunk, USBDeview, Netwitness, MimiKatz).

    Understanding of Security Information and Event Management (SIEM) tools (Splunk, McAfee).

    Familiarity of Cobalt Strike, Nessus, Kali Linux, Burp Suite, Nmap and OpenVAS for databases.

    Knowledge of general attack stages.

    Skill in the use of social engineering techniques and using penetration testing tools.

    Familiarity with OMB, NIST, DHS, and related security guidelines and directives.

    Interpersonal skills including the ability to collaborate effectively, and excellent written and oral communications.

    Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

    Server/endpoint OS (Microsoft, Linux, IOS) along with mobile and cloud technologies.

    Cloud application security, Vulnerability Management and Security Information, and Event Management capabilities.

    Countermeasures / mitigations to identified cybersecurity risks.

    Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration Protocol (DHCP), domain name system, and directory services.

    Certifications:
    LPT (Licensed Penetration Testers, Microsoft Certifications (MCSE, MCSA, MCSD),OSCP (Offensive Security Certification Professional), ISACA Certified Information Systems Auditor (CISA), SCP Security Certified Network Architect (SCNA), ISACA Certified Information Security Manager (CISM)

    SAIC accepts applications on an ongoing basis and there is no deadline.

    Covid Policy:
    SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.


    REQNUMBER:


    SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets.

    Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training.

    We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability
  • JASINT

    Penetration Tester

    1 week ago

    JASINT Annapolis Junction, United States

    **Job Title**:Penetration Tester · **Location(s)**:Annapolis Junction, MD** Hours**:Regular Full-Time · **Clearance Requirements**: · **What you will be doing**: · - Serve as a Subject Matter Expert providing testing expertise of the Risk Management Framework. · - Direct and/or p ...

  • Professional Stewards Services (PSS), LLC

    Penetration Tester

    2 weeks ago

    Professional Stewards Services (PSS), LLC Washington, United States

    **Penetration Tester** · **We are seeking an energetic, self-starter to join our growing team.** · **Job Type**: Full-time, 40 hours per week · **Hours**: Monday through Friday · **Salary Range**: $135,000 · **Work location**: Remotely/Virtual · **Requirements**: Must be a US cit ...

  • SAIC Career Site

    Penetration Tester

    3 weeks ago

    SAIC Career Site BELTSVILLE, United States

    Description · SAIC is seeking a highly motivated Penetration Tester. The successful candidate will provide support to the Cybersecurity Integrity Center (CIC) in the Department of State Bureau of Information Resource Management (IRM). Duties are in the Washington, D.C. metropoli ...

  • EGlobalTech

    Penetration Tester

    2 weeks ago

    EGlobalTech Washington, United States

    **About the Role**: · **Responsibilities**: · - Perform penetration testing, software assurance, and vulnerability assessment in support of Federal customer, on site in Washington, DC. · - Interpret penetration testing results to identify and recommend corrective actions and/or m ...

  • Dark Wolf Solutions

    Penetration Tester

    17 hours ago

    Dark Wolf Solutions Herndon, United States

    **Duties/Responsibilities**: · **Required Qualifications**: · - 2+ years' experience in three or more specific areas to include: intelligence analysis, network engineering, networking security, penetration testing, red team operations, hardware engineering, software engineering, ...

  • Verite Group, Inc.

    Penetration Tester

    6 days ago

    Verite Group, Inc. Dulles, United States

    VGI is a 100% employee-owned custom software company supporting government missions and private sector enterprises for over two decades. VGI staff combine a strong technical prowess with a deep understanding of our customers and their operations. VGI can take your current network ...

  • Delmock Technologies Inc

    Penetration Tester

    2 days ago

    Delmock Technologies Inc Lanham, United States

    Job Description · Job DescriptionAbout Our Company: · Join Delmock Technologies, Inc. (DTI), a leading HUBZone business in Baltimore, known for delivering sophisticated IT and Health solutions with a commitment to ethics, expertise, and superior service. Actively engaged in the l ...

  • Infinity Systems

    Senior Penetration Tester

    6 days ago

    Infinity Systems Garten, WV, United States Freelance

    **Your task**: · As a **Senior Penetration Tester (m/f/d)**, you will independently advise our business customers at decision-maker and specialist level on all questions of cyber security and cyber defense. · In detail, your range of tasks includes the following areas: · - Indepe ...

  • Delmock Technologies

    Penetration Tester

    2 weeks ago

    Delmock Technologies Laurel, United States

    · About Our Company: · Join Delmock Technologies, Inc. (DTI), a leading HUBZone business in Baltimore, known for delivering sophisticated IT and Health solutions with a commitment to ethics, expertise, and superior service. Actively engaged in the local community, DTI creates o ...

  • Peraton

    Cyber Penetration Tester

    5 days ago

    Peraton Arlington, United States

    **About Peraton** · **Responsibilities** · Peraton is seeking an experienced **Cyber Penetration Tester** to become part of Peraton's Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable in ...

  • Strategic Analytix

    Penetration Tester

    2 weeks ago

    Strategic Analytix Fort George G Meade, United States

    About Strategic Analytix Strategic Analytix (SA) is an IT engineering and management consulting firm focuses on mission critical services and solutions to the Federal Government including the Department of Defense (DOD), the Intelligence Community (IC) and Civilian Healthcare age ...

  • Capstone Security

    Application Penetration Tester

    4 days ago

    Capstone Security Gaithersburg, United States

    At Capstone, we are always interested in talented individuals who can help us deliver the highest quality security services to our clients. If you're excited by challenge, motivated to be the best, and consider working hard/having fun equally important, don't hesitate to contact ...

  • Booz Allen Hamilton

    Penetration Tester

    3 weeks ago

    Booz Allen Hamilton Annapolis Junction, United States Full time

    Job Number: R0193630 · Penetration TesterKey Role: · Find possible vulnerabilities while using penetration testing tools and techniques, to ensure security of computer systems, applications, servers, or networks. Apply advanced consulting skills, extensive technical expertise, an ...

  • SAIC

    Penetration Tester with Security Clearance

    3 weeks ago

    SAIC Beltsville, United States

    You will need to login · before you can apply for a job. · Penetration Tester with Security Clearance · Description SAIC is seeking a highly motivated Penetration Tester. The successful candidate will provide support to the Cybersecurity Integrity Center (CIC) in the Department ...

  • Synergy Interactive

    Penetration Tester

    3 weeks ago

    Synergy Interactive Rockville, United States

    Synergy Interactive is partnered with a notable financial institution and they are seeking a skilled Penetration Tester (Ethical Hacker) to enhance their cybersecurity team. In this role, you will conduct rigorous assessments to identify vulnerabilities, ensuring the protection o ...

  • Peraton

    Penetration Tester

    2 weeks ago

    Peraton Washington, United States Full time

    Responsibilities · Peraton is seeking a Penetration Tester who will have the opportunity to provide support to technical processes and technical management processes in support of comprehensive test and evaluation associated with test support, operational verification of installa ...

  • Peraton

    Penetration Tester

    1 week ago

    Peraton Washington, United States

    About Peraton Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deli ...

  • Fusion Technology LLC

    Penetration Tester

    2 days ago

    Fusion Technology LLC Washington, United States

    Job Description · Job DescriptionPenetration Tester · Who are you? · Trusted Employee: The Government trusts you and so do we. You possess an active Public Trust security clearance (Or are able to obtain a Public Trust clearance). You must also be able to obtain Department of Hom ...

  • Silotech Group, Inc

    Penetration Tester

    2 weeks ago

    Silotech Group, Inc Washington, United States

    Overview Silotech Group provides Advanced Cyber Solutions, Intelligence Solutions, Enterprise/Cloud IT Services and Products, and Managed IT/Security Services to Federal, State, and Commercial clients. We provide Federal Government and Commercial clients with customized, agile te ...

  • Synergy Interactive

    Penetration Tester

    3 weeks ago

    Synergy Interactive Rockville, United States

    Synergy Interactive is partnered with a notable financial institution and they are seeking a skilled Penetration Tester (Ethical Hacker) to enhance their cybersecurity team. In this role, you will conduct rigorous assessments to identify vulnerabilities, ensuring the protection o ...