View all jobs
PENETRATION TESTER (SECRET CLEARANCE REQUIRED)
Linthicum Heights, MD · Information TechnologyNorthHill Technology Resources has an urgent need for a Pentester to support a Federal Program in Linthicum, MD. This is a direct-hire role with our client, a growing Cybersecurity firm. Due to the nature of the work, US Citizenship and an active Secret Clearance is required.
Pentester
Education/Experience Requirements: BS 8+, MS 6+, PhD 3+ years relevant experience Clearance Requirements: Active Secret (TS/SCI preferred) as confirmed in DISS
Description:
The Department of Defense (DoD) Cyber Crime Center (DC3) DoD-Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE) penetration testers conduct Adversary Emulation Tests (AETs) against DIB Partners’ external and internal networks, upon request, associated with the processing of Covered Defense Information (CDI). These AETs assess the company’s cybersecurity posture and network configurations and controls to identify vulnerabilities on DIB Partners’ network infrastructures by leveraging adversarial tactics, techniques, and procedures (TTPs) in accordance with an established penetration testing framework.
Qualifications:
• Experience and familiarity with the assessment methods defined in NIST SP 800-30 and NIST SP 800-53A
• Experience in drafting written reports
• Extensive experience in reviewing and examining data and information that supports cybersecurity assessments
• Experience in pen testing fundamentals
• Experience in Kali Linux and its toolsets, including Metasploit
• Experience in pen testing tools including scanners like Nessus and Nmap
A minimum of three years of the following experience:
• Performing authorized pen testing on enterprise networks
• Gaining access to targeted networks
• Applying expertise to enable new exploitation and maintaining access
• Obeying appropriate laws and regulations
• Providing infrastructure analysis
• Performing analysis of physical and logical digital technologies
• Conducting in-depth target and technical analysis
• Creating exploitation strategies for identified vulnerabilities
• Monitoring target networks; and
• Profiling network users or system administrators and their activities
Preferred: One or more nationally recognized information system auditing certifications
• OSEP (Offensive Security Experienced Penetration Tester)
• OSCP (Offensive Security Certified Professional)
• GXPN (GIAC Exploit Researcher and Advanced Penetration Tester)
• GPEN (GIAC Certified Penetration Tester)
• LPT (Licensed Penetration Tester)
Pentester
Education/Experience Requirements: BS 8+, MS 6+, PhD 3+ years relevant experience Clearance Requirements: Active Secret (TS/SCI preferred) as confirmed in DISS
Description:
The Department of Defense (DoD) Cyber Crime Center (DC3) DoD-Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE) penetration testers conduct Adversary Emulation Tests (AETs) against DIB Partners’ external and internal networks, upon request, associated with the processing of Covered Defense Information (CDI). These AETs assess the company’s cybersecurity posture and network configurations and controls to identify vulnerabilities on DIB Partners’ network infrastructures by leveraging adversarial tactics, techniques, and procedures (TTPs) in accordance with an established penetration testing framework.
Qualifications:
• Experience and familiarity with the assessment methods defined in NIST SP 800-30 and NIST SP 800-53A
• Experience in drafting written reports
• Extensive experience in reviewing and examining data and information that supports cybersecurity assessments
• Experience in pen testing fundamentals
• Experience in Kali Linux and its toolsets, including Metasploit
• Experience in pen testing tools including scanners like Nessus and Nmap
A minimum of three years of the following experience:
• Performing authorized pen testing on enterprise networks
• Gaining access to targeted networks
• Applying expertise to enable new exploitation and maintaining access
• Obeying appropriate laws and regulations
• Providing infrastructure analysis
• Performing analysis of physical and logical digital technologies
• Conducting in-depth target and technical analysis
• Creating exploitation strategies for identified vulnerabilities
• Monitoring target networks; and
• Profiling network users or system administrators and their activities
Preferred: One or more nationally recognized information system auditing certifications
• OSEP (Offensive Security Experienced Penetration Tester)
• OSCP (Offensive Security Certified Professional)
• GXPN (GIAC Exploit Researcher and Advanced Penetration Tester)
• GPEN (GIAC Certified Penetration Tester)
• LPT (Licensed Penetration Tester)