Pen Test Operator
| Company | Guidehouse |
|---|---|
| Location | Washington, DC, USA, Beltsville, MD, USA |
| Salary | $113000 – $188000 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Mid Level, Senior |
Requirements
- An ACTIVE and MAINTAINED SECRET Federal or DoD security clearance
- Bachelor’s degree
- THREE or more years’ experience relevant to Penetration Testing or IT Systems Configuration or Risk and Vulnerability Assessment or Cybersecurity and/or IT Technology Consulting
Responsibilities
- Conduct penetration testing activities on High Value Asset (HVA) systems
- Perform network mapping and reconnaissance, documenting Rules of Engagement to guide the scope, developing test plan, and assisting with acquiring management approval
- Conduct a variety of penetration tests based on system’s criticality, test objectives, and organization’s requirements
- Work with IT personnel to define scope for targeted testing
- Mimic an outside attacker to gain access to system and what information can be accessed
- Mimic an insider attack to determine risk employees with various access levels pose to the organization
- Focus testing activity towards accessing specific target datasets
- Analyze test results, develop a report on discovered vulnerabilities, and provide risk-based recommendations to remediate those vulnerabilities
Preferred Qualifications
- An ACTIVE and MAINTAINED TOP SECRET Federal or DoD security clearance
- Master’s Degree preferred
- CISA AES HVA Assessment certification with proof of certification as a CISA-AES HVA Pen Test Operator
- Experience supporting US government cybersecurity programs
- CISSP or CISM
- Experience managing direct client engagement team to deliver impactful support to Federal clients
- Experience with managing/supporting and/or knowledge of cybersecurity or HVA Program
- One of the following certifications: Offensive Security Certified Professional (OSCP) or GIAC Penetration Tester (GPEN) or Certified Ethical Hacker (CEH) Certification
- Experience conducting HVA assessment or performing Risk and Vulnerability Assessments
- Knowledge of Cybersecurity Framework, Risk Management, NIST 800-83 Rev 5
- Experience developing and maintaining working relationships while serving Federal clients onsite
- Ability to identify obstacles and opportunities that impact the success of plans or initiatives
- Excellent oral and written communication and presentation skills
- Ability to communicate effectively and demonstrate leadership when interacting with clients and fellow team members