Red Team Security Engineer - Virginia Beach, United States - Millennium Corporation

    Millennium Corporation
    Millennium Corporation Virginia Beach, United States

    1 month ago

    Default job background
    Technology / Internet
    Description

    Millennium Corporation is hiring a Red Team Security Engineer to work in Virginia Beach. The candidate must have an active TS/SCI clearance. This is a hybrid role

    The ideal candidate will:

    • Provide Cybersecurity Test and Evaluation Support. This effort covers all aspects of Cyber testing to include beginning with planning requirements and concluding providing reports and recommended solutions.
    • Provide support by utilizing experience in automation using Powershell, PowerAutomate, Logic Apps, Graph API.
    • Provide support by utilizing experience conducting Red Team operations in an MDE environment.
    • Provide support by utilizing experience with AWS, Cloud Audit, Serverless and Microservice Architecture.
    • Provide support utilizing experience working with AWS services (such as EC2, S3, KMS, RDS) and security best practices relevant to those services.
    • Provide support by performing web application and API penetration testing, and Cloud Security Audits.
    • Provide support by utilizing experience with Web Services penetration testing (RESTful and SOAP) Web Authentication protocols (e.g. OAuth2, SAML, LDAP).
    • Providing support by writing proof of concept code to demonstrate the severity of a potential security issues.

    Qualifications:

    • Candidate must have an active TS/SCI security clearance.
    • With an accredited bachelor's degree within a relevant area the candidate must have a minimum of 6 years of experience. With a masters degree, a minimum of 3 years of experience.
    • Must have a CFR, Cloud+, CySA+, GCED, GICSP or PenTest+ certification.
    • Must also possess a Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE) or Offensive Security Wireless Professional (OSWP) certification.
    • Demonstrated experience performing vulnerability assessments with the Assured Compliance Assessment Solution (ACAS) tool.
    • Demonstrated experience utilizing penetration tools and mimicking threat behavior.
    • Demonstrated experience with performing STIG assessments to include using SCAP benchmarks.
    • Shall have demonstrated experience utilizing packet analyzer tools such as Wireshark and tcpdump.