US
0 suggestions are available, use up and down arrow to navigate them
Vulnerability Analyst and PenTester L...

Apply to this job.

Think you're the perfect candidate?

Vulnerability Analyst and PenTester Lead with Security Clearance

Sev1Tech Chandler, AZ (Onsite) Full-Time
Overview/ Job Responsibilities Sev1Tech is looking for a Vulnerability Analyst/PenTester Lead to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety
The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support
Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S and occasionally OCONUS
Responsibilities include but are not limited to:
• Conduct Vulnerability Assessment scans for Headquarters and Subscriber systems and networks to identify potential computer security vulnerabilities, risks, and threats
• Operate, and maintain assessments and the resulting Vulnerability Assessment data and reports
• Support the NOSC enclave, HSEN, and Redundant TICs through the conduct of scheduled and ad-hoc vulnerability assessment scanning.
• Scanning shall include:
• Host-based and vulnerability assessments
• Network vulnerability assessments
• Database vulnerability assessments
• Web-based vulnerability assessments
• Cloud-based vulnerability assessments
• Employ ad-hoc or emergency vulnerability scanning to support targeted incident investigation, escalation, and emergency response to security events in accordance with documented procedures
• Coordinate with Component security staff to explain findings, provide recommendations on mitigations, and advocate for mitigation of vulnerabilities
• Conduct High Value Asset assessments and penetration tests and conduct or assist with penetration tests as requested by Components, System Owners, Information System Security Managers, or Information System Security Officers in support of Security Controls Assessments, continuous monitoring, and FISMA requirements
• Provide penetration testing summary reports, in accordance with the signed Rules of Engagement (ROE) document, to the appropriate System Owner/ISSM/ISSO, Government lead, DHS Program Manager and document the findings
• Prepare and submit security testing Rules or Engagement (ROE) for High Value Assets (HVA), Internal & External Threat Assessments, prior to conducting penetration testing and ensure that the ROE provide the operational security controls to protect both the system and network Minimum Qualifications
• BA or BS degree in Information Technology, Computer Science, or related degree
• At least eight (8) years experience performing cybersecurity work
• At least six (6) years of experience providing vulnerability assessment and PenTesting services to federal customers
• Experience with host-based and vulnerability assessments; Network vulnerability assessments; Database vulnerability assessments; Web-based vulnerability assessments;and Cloud-based vulnerability assessments
• In-depth knowledge of security frameworks, standards, and best practices
• Proficiency in using security platforms and tools for assessment and testing purposes including some or all of the following:
• Astra Security
• Rapid 7/Metasploit Pro
• Cobalt
• GitHub Nikto
• OWASP ZAP
• Wireshark
• OnSecurity
• Tenable/Nessus
• W3AF
• NMap
• BurpSuite
• Qualys Cloud Platform
• Kali Linux
• Working knowledge of the various operating systems and platforms (e.g., Windows, OS X, Linux, Solaris, RHEL, SunOS, IBM z/OS Mainframe etc.) commonly deployed in enterprise networks, a conceptual understanding of Windows Active Directory is also required, and a working knowledge of network communications and routing protocols (e.g
TCP, UDP, ICMP, BGP, MPLS, etc.) and common Internet applications and standards (e.g
SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.)
• Strong analytical and problem-solving skills
• Excellent communication and collaboration abilities
• One or more of the following Certifications:
• Certified Ethical Hacker (CEH)
• Licensed Penetration Tester Master (LPT)
• Offensive Security Certified Professional (OSCP)
• GIAC Penetration Tester (GPEN) Certification
• GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) Certification
• CompTIA PenTest+
• Ability to provide proof of U.S
Citizenship in order to obtain a Dept of Homeland (DHS) Public Trust clearance Desired Qualifications
• DHS experience
• DoD and or Intel Community experience About Sev1Tech LLC Founded in 2010, Sev1Tech provides IT, engineering, and program management solutions delivery
Sev1Tech focuses on providing program and IT support services to critical missions across Federal and Commercial Clients
Our Mission is to Build better companies
Enable better government
Protect our nation
Build better humans across the country
Join the Sev1Tech family where you can achieve great accomplishments while fostering a satisfying and rewarding career progression
Please apply directly through the website at: #joinSev1tech For any additional questions or to submit any referrals, please contact: Sev1Tech is an Equal Opportunity and Affirmative Action Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Recommended Skills

  • Active Directory Group
  • Analytical
  • Apple Ios
  • Assessments
  • Border Gateway Protocol
  • Burpsuite

Apply to this job.

Think you're the perfect candidate?

Help us improve CareerBuilder by providing feedback about this job: Report this job

Job ID: 8340_7545114

CareerBuilder TIP

For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.