Penetration Testing SME

October 25

Apply Now

Receive Emails with Similar Jobs

Agile Defense

WebsiteLinkedInAll Job Openings

IT Engineering Support Services • Cybersecurity Support Services • C4ISR Support Services • Systems Integration Support Services • Robotics Process Automation

501 - 1000

Description

• At Agile Defense, we know action defines outcome and embrace change courageously. • Our vision is to bring adaptive innovation to support our nation's important missions. • Requisition #: 643 • Job Title: Penetration Testing SME • Location: Remote (Alexandria, VA) • Clearance Level: Active DoD - Secret • The USPTO's Cybersecurity Division seeks to enhance Pen Test resources. • The candidate must have experience in offensive security, attack simulation, and scripting. • Strong technical abilities are required, with a focus on operational impact. • The role includes conducting tests and articulating security issues effectively. • Potential interaction with production teams of assessed systems is necessary.

Requirements

• Required Certifications • PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA or possess a willingness to pursue certifications after hire • Bachelor’s degree/University degree or equivalent experience • Extensive experience working with Offensive Security Methodologies and Attack Simulation Techniques • Offensive Security testing tools. e.g., Cobalt Strike, Kali Linux, Bloodhound, Red Team Toolkits • Exploitation frameworks, e.g., Metasploit, CANVAS, Core Impact • Deep understanding of OSI model • OS Security. e.g. Unix/Linux, Windows, OSX • Understanding of common protocols. e.g. HTTP, LDAP, SMTP, DNS • Web application infrastructure. e.g. Application Servers, Web Servers, Databases • Demonstrated ability to collaborate with a variety of analytical groups and service delivery organizations • Advanced analytical and problem-solving skills • Consistently demonstrates clear and concise written and verbal communication • Proficient in interpreting and applying policies, standards and procedures • Demonstrated ability to remain unbiased in a diverse working environment • Experience leveraging the MITRE ATT&CK Framework • Vulnerability Assessment tools. e.g., Nessus, Qualys, Rapid7 • Social Engineering campaigns. e.g. email phishing, phone calls, SET • Security devices, i.e. Firewalls, VPN, AAA systems • Web development and programming languages. e.g. Python, Perl, Ruby, Java, .Net