Penetration Testing SME II

Full Time
Atlantic City, NJ, Washington, DC
Posted 4 months ago

Performs penetration testing of the ATO NAS security posture to provide detailed analysis and identification of application, system, and network vulnerabilities; gaps in IT security guidance; and assessment of patching/mitigation methodologies. Acts as an ethical white hat attacker (red teamer) to simulate cyberattacks and/or as defensive cybersecurity personnel (blue teamer) to harden against simulated attacks. Develops and prepares penetration testing Rules of Engagement, test plans, and reports. Provides recommended remediation actions to lower overall risk exposure, as required. Provides technical expertise on penetration testing tools and simulation environment.

Experience/Skills Required:

  • Bachelor’s Degree in Cyber Security, Computer Science, Information Technology, Engineering, Mathematics, or Physics.
  • 8 years’ experience related to the work/responsibilities outlined in the Position Description.
  • If required, the Government may request additional specialized experience relevant to the environments or system being tested.
  • At least 2 years of the relevant experience must be recent, i.e. performed within the last 3 years.
  • At least one of the Red Teaming and/or Blue Teaming Certifications listed below:
    • Offensive Security Certified Professional (OSCP)
    • Offensive Security Certified Expert (OSCE)
    • Offensive Security Wireless Professional (OSWP)
    • Offensive Security Web Expert (OSWE)
    • Certified Ethical Hacker (CEH)
    • EC-Council Certified Security Analyst (ECSA)
    • Certified Ethical Hacker (CEH) Practical
    • EC-Council Certified Security Analyst (ECSA) Practical
    • Licensed Penetration Tester (LPT) Master
    • Certified Incident Handler (GCIH)
    • Penetration Tester (GPEN)
    • Web Application Penetration Tester (GWAPT)
    • Exploit Researcher and Advanced Penetration Tester (GXPN)
    • Assessing and Auditing Wireless Networks (GAWN)
    • Certified Network Defender (CND)
    • Certified Network Defense Architect (CNDA)
    • Certified Incident Handler (GCIH)
    • Certified Intrusion Analyst (GCIA)
    • Defending Advanced Threats (GDAT)
    • Defensible Security Architecture (GDSA)
    • Certified Enterprise Defender (GCED)
    • GIAC Certified Forensic Analyst (GCFA)

Allowable Substitutions:

• A Master’s degree in an appropriate discipline will be considered equivalent to two (2) years of relevant experience. A doctoral or Ph.D. degree in an appropriate discipline will be considered equivalent to four (4) years of relevant experience.

• Eight (8) years of relevant experience over and above the minimum experience requirements for the position will be considered equivalent to a Bachelor’s degree.

• Six (6) years of relevant experience over and above the minimum experience requirements for the position will be considered equivalent to a Bachelor’s degree, when combined with a certification listed or equivalent certification not already required.

• Three (3) years of relevant experience over and above the minimum experience requirements for the position will be considered equivalent to an Associate’s degree.

• An accredited Bachelor’s or Master’s degree not listed or not considered equivalent will be counted as one (1) year of relevant experience; an accredited Ph.D. degree not listed or not considered equivalent will be counted as two (2) years of relevant experience.

• Five (5) additional years of project management experience will be considered equivalent to a Project Management Professional (PMP) certification.

• Any other substitutions for Certification requirements must be submitted for approval by the Government.

Job Features

Job Category: IT