Apply on Employer Site

Peraton · 1 month ago

Lead Penetration Tester

US-AZ-Fort Huachuca

Full-time

Onsite

Senior Level, Lead/Staff

$104K/yr - $166K/yr

6+ years exp

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. They are seeking a TS/SCI cleared Lead Penetration Tester to support foundational services focused on improving capabilities and conducting penetration testing to assess the defensive security posture of the Army network.

Information TechnologyRobotics

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Utilize offensive toolsets such as Metaspolit and Kali Linux to safely analyze and penetration test production networks and systems, documenting steps and procedures to produce usable vulnerability assessments for the customer

Identify and investigate vulnerabilities, asses exploit potential, and document findings and remedies for presentation to facilitate mitigations on customer systems

Perform planning, execution, and documentation of penetration testing missions in accordance with Red Team methodologies

Perform web application testing using tools such as Burp Suite, Zap Proxy, Skipfish and Nikto, and open-source toolsets

Travel to customer sites to perform network security evaluations, penetration tests, and brief customers on findings

Perform daily cyber threat research and present findings to the organization to maintain knowledge of current adversary tactics, techniques and procedures and how to apply them. Brief staff and leadership on these findings

Perform open-source intelligence gathering to prepare for missions

Write reports of vulnerabilities to increase customer situational awareness and improve the customer’s cyber security posture

Assist all sections of the Defensive Cyber Operations team as required in performing Analysis, System Administration, and other duties as assigned

Contribute to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations

Write reports of remotely exploitable vulnerabilities to increase customer situational awareness and improve the customer’s cyber security posture

Prepare and present technical reports and briefings

Qualification

Certified Penetration TesterPenetration Testing MethodologyNetworking ProtocolsOffensive Security OSCPFluency in Programming LanguagesScripting LanguagesJudgmentTechnical WritingSelf-starter

Required

Active Top-Secret/SCI

Minimum of 6 years technical experience

Certification requirement: Certified Penetration Tester (GPEN) OR Certified Ethical Hacker (CEH) OR meets current DCWF qualification requirements DCWF Code: 541 – Advanced (Masters an IT field OR Applicable Military Training OR one of the following: CFR, CISA, CISM, CySA+, GPEN, GSNA

Must possess an active, OR have the ability to obtain within 90 days of hire date, an ITIL Foundations Certification

Must have a full, complete, and in-depth understanding of all aspects of Defensive Cyber Operations

Must possess an in-depth understanding of penetration testing methodology, including recon, exploit, persistence, etc

Must have a solid understanding of networking protocols, their uses, and their potential misuses

Programming experience in one or more languages, experience in HTML/CSS or SQL

Experience with one or more scripting languages such as PowerShell, Bash, Python or Perl