PROCESSING APPLICATION
Hold tight! We’re comparing your resume to the job requirements…
ARE YOU SURE YOU WANT TO APPLY TO THIS JOB?
Based on your Resume, it doesn't look like you meet the requirements from the employer. You can still apply if you think you’re a fit.
Job Requirements of Penetration Tester with Security Clearance:
-
Employment Type:
Full-Time
-
Location:
Beltsville, MD (Onsite)
Do you meet the requirements for this job?
Penetration Tester with Security Clearance
The successful candidate will provide support to the Cybersecurity Integrity Center (CIC) in the Department of State Bureau of Information Resource Management (IRM)
Duties are in the Washington, D.C
metropolitan area (30% in downtown D.C; 70% in Beltsville, MD
The CIC supports cybersecurity monitoring, threat analysis, incident response, and infrastructure remediation within and across all of the State Department's information technology (IT) infrastructure
The CIC coordinates and collaborates with other State Department bureaus as well as other organizations within the Federal Government, and commercial partners
Work is performed onsite 3+ days/week in a 24x7x365 operation and shifts available are to be determined
Description of Duties: The Penetration Tester will provide support for HVA Assessments using methodology by Cybersecurity and Infrastructure Security Agency (CISA) Assessment Evaluation and Standardization (AES) program with broad and in-depth knowledge to conduct offensive cyber operations across the organization globally
In this role, you will conduct offensive security operations to emulate adversary tactics and procedures to test preventative, detective, and response controls across the global technology landscape
The Penetration Tester will:
• Conduct highly complex offensive security operations testing consistent with known adversary tactics techniques and procedures and contribute to the development of objectives and approaches taken to remediate risk.
• Apply sound technical and management principles to identify and remediate cybersecurity --vulnerabilities across the State Department global IT enterprise infrastructure.
• Apply organizational and process change principals.
• Evaluate system performance results, perform risk assessments, and evaluate performance metrics
Responsibilities include:
• Provide ad-hoc penetration testing and assessment services on Department of State systems identified by the leadership.
• Develop, Identify and resolve security vulnerabilities related to deployment and testing processes.
• Streamline and optimize processes and procedures in order to rapidly remediate vulnerabilities from cybersecurity threats.
• Collaborate with Department and external cyber stakeholders on cybersecurity technology implementations to meet specific operational needs.
• Perform technical evaluations of recommended vulnerability mitigation actions and make recommendations based on impact and/or other countermeasures.
• Develop strategies for CIC cyber defense technologies, ensuring integration and alignment for continued operation.
• Conduct assessments of threats and vulnerabilities; determine deviations from acceptable configurations, enterprise, or local policy; assess the level of risk; and develop and/or recommend appropriate mitigation countermeasures in operational and non-operational situations.
• Network Mapping include but are not limited to a network map of the organization's system that includes a visual representation of the organization's physical devices and digital network.
• Perform operation and maintenance activities in support of existing CIC cyber tools and technologies (MSV, Qualys, Tenable Nessus and others).
• Identify, diagnose, and prioritize anomalies in cyber defense infrastructure and resources.
• Perform cybersecurity testing of developed applications and/or systems.
• Identify and direct the remediation of technical problems encountered during testing and implementation of new systems.
• Document security issues and impacts identified through offensive operations in a clear and concise manner to facilitate reporting to impacted stakeholders.
• Provide guidance and recommendations to stakeholders responsible for security remediation actions to close identified gaps and remediation validation testing.
• Independently handle complex issues with minimal supervision, while escalating only the most complex issues to appropriate staff
Qualifications Required Education & Experience
• Bachelor's and five (5) years or more experience; Master's and three (3) years or more experience.
• A degree in Cybersecurity or related field.
• 4-6+ years penetration testing experience.
• Web application penetration testing, LPT, Source code vulnerability analysis, serious problem-solving skills experience.
• All penetration testers/operators must be DHS/CISA AES qualified within 90 days of onboarding
Required Clearance
• US Citizenship.
• Active Top Secret Clearance
SAIC accepts applications on an ongoing basis and there is no deadline
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters
Customer site vaccination requirements must be followed when work is performed at a customer site.
Recommended Skills
- Assessments
- Certified Information Security Manager
- Criminal Justice
- Information Technology
- Infrastructure Management
- Leadership
Help us improve CareerBuilder by providing feedback about this job: Report this job
Job ID: 8340_7791115
CareerBuilder TIP
For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.
By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.