Red Team Penetration Tester ** jobs in United States
info-icon
This job has closed.
company-logo

SimVentions · 18 hours ago

Red Team Penetration Tester **

positionKing George, VA
timeFull-time
remoteOnsite
seniorityMid, Senior Level
money$90K/yr - $150K/yr
date5+ years exp

SimVentions is consistently voted one of Virginia's Best Places to Work, and they are looking for an experienced Red Team Penetration Tester to conduct penetration testing and offensive cybersecurity operations for the U.S. Government and DoD systems. The role involves collaborating with Blue Team and Cybersecurity professionals to enhance the overall cyber posture.

Cyber SecurityInformation TechnologySimulation
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Debug and reverse engineer software
Analyze Windows Events and Linux syslog's, boot logs and dmesg logs
Program and debug Web 2.0, Java, Perl, Ada, C++, Tool Command Language (tcl/tk) scripts and graphical user interfaces (GUis) using Microsoft Visual tel and Rational ClearCase for software configuration management
Program and debug Web 2.0, Java, Perl, Ada, C++, Tool Command Language (tcl/tk) scripts and graphical user interfaces (GUis) using Microsoft Visual tel and Rational ClearCase for software configuration management
Recommend software modifications to systems to mitigate known vulnerabilities
Operate and administrate computer systems running HP-UX, UNIX, Solaris, Linux and Microsoft Windows
Identify security flaws in compiled and human readable source code
Understand code utilizing real-time VxWorks and Lynx OS operating systems, Common Object Resource Broker Architecture (CORBA), firewalls and networking protocols
Understand how to implement NSA approved encryption technologies and devices
Apply DISA Security Technical Implementation Guides (STIGs)
Apply virtual hosting and server technology in system architectures
Understand and apply the concept of deceptive technology such as honey pots in system architectures
Participate in Code Reviews
Perform Static Source Code Analysis
Author recommendations for improving software and code design
Contribute to a System Security Administrator and Operators Manual (SSAOM)

Qualification

Penetration TestingRed Team OperationsCommon PENTEST toolsLinuxWindowsPythonAWS servicesWeb Penetration TestingSecurity CertificationsTool/Software DevelopmentAutomation using PowershellCapture the Flag participationSecurity research

Required

An ACTIVE Top Secret Clearance with SCI Eligibility is required for this position
Five (5) years' experience in software engineering applied to program development; modeling and simulation applied to DoD or Information Technology systems
Linux and Windows
Strong working knowledge of common Penetration Testing (PENTEST) tools: Kali, Metasploit, NMAP, Cobalt Strike
Penetration Testing (PENTEST)
Red Team Operations
Tool/Software Development (exploits/malware, C2, reverse engineering, bug bounties)
Python, C, C Sharp, C++, Go, Perl, Powershell
Web Dev/Web App Dev/Web Penetration testing
NSX, vCenter, vRealize Suite, Horizon View (VDI) and others
PAN-OS
FirePower, Nexus, IOS, ASA
ONTAP, SnapMirror
Active-Directory
Entra ID (Azure AD), Active Directory, SSO, MFA, Azure application integration, Identity Federation
Automation using Powershell, PowerAutomate, Logic Apps, Graph API
Microsoft Entra ID and Microsoft 365 in a hybrid environment
Experience with Palo Alto, Cisco, VMWare, NetApp and Microsoft products
Extending or integrating on premises AD with Entra ID
Managing identity and access in Microsoft Entra ID
Experience conducting Red Team operations in an MDE environment
Experience with AWS, Cloud Audit, Serverless and Microservice Architecture
Experience working with AWS services (such as EC2, S3, KMS, RDS) and security best practices relevant to those services
Experience with Web Services penetration testing (RESTful and SOAP) Web Authentication protocols (e.g. OAuth2, SAML, LDAP)
PHP, ASP, SQL db's, Java, HTML, No SQL
Minimum certification one of the following: Security+, CCNA Security, CySA+, GICSP, SSCP
Minimum certification as penetration tester and possess one of the following certificates: Offensive Security Certs: Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE), Offensive Security Wireless Professional (OSWP)
SANS Certs: SEC560 - Network Penetration testing and Ethical Hacking (GPEN Certification), SEC542 - Web App Penetration Testing and Ethical Hacking (GWAPT Certification), SEC660 - Advance Penetration Testing. Exploit Writing, and Ethical Hacking (GXPN Certification), SEC642 - Advanced Web App Penetration Testing and Ethical Hacking, SEC564 - Red Team Operations and Threat Emulation
OSD Sponsored Cyber Operation Academy Course (COAC) graduates
Capture the Flag (CTF) participation (DEFCON, Over-The-Wire (OTW), Hack the Box, USS Secure CTF's)
Security research resulting in a Common Vulnerabilities and Exposures (CVE)
High School Diploma or GED equivalent

Benefits

Medical, dental, vision, and prescription drug coverage
Employee Stock Ownership Plan (ESOP)
Competitive 401(k) programs
Retirement and Financial Counselors
Health Savings and Health Reimbursement Accounts
Flexible Spending Accounts
Life insurance, short- & long-term disability
Continuing Education Assistance
Paid Time Off, Paid Holidays, Paid Leave (e.g., Maternity, Paternity, Jury Duty, Bereavement, Military)
Third Party Employee Assistance Program that offers emotional and lifestyle well-being services, to include free counseling
Supplemental Benefit Program
Employee Ownership: Work with the best and help build YOUR company!
Family focus: Work for a team that recognizes the importance of family time.
Culture: Add to our culture of technical excellence and collaboration.
Dress code: Business casual, we like to be comfortable while we work.
Resources: Excellent facilities, tools, and training opportunities to grow in your field.
Open communication: Work in an environment where your voice matters.
Corporate Fellowship: Opportunities to participate in company sports teams and employee-led interest groups for personal and professional development.
Employee Appreciation: Multiple corporate events throughout the year, including Holiday Events, Company Picnic, Imagineering Day, and more.
Founding Partner of the FredNats Baseball team: Equitable distribution of tickets for every home game to be enjoyed by our employee-owners and their families from our private suite.
Food: We have a lot of food around here!

Company

SimVentions

twittertwittertwitter
company-logo
SimVentions is an information technology company providing system engineering and security engineering services.
dateFounded in 2000
location
Fredericksburg, Virginia, USA
people-size201-500 employees
web-link
http://simventions.com

Funding

Current Stage
Growth Stage
Total Funding
$0.09M
2014-01-17Seed· $0.09M

Leadership Team

leader-logo
Paul Gustavson
Co-founder and CTO
linkedin
Company data provided by crunchbase