Position Description: Penetration Tester, San Diego CA. Salary at or above industry standard. JTT offers medical, dental, vision, 401(k) corporate match, bi-weekly pay, and a generous PTO policy accrued with payroll.
• Perform Red Teaming/Blue Teaming risk analysis and risk assessments to aggregate system risk on development systems in Labs and controlled environments.
• Map security analysis results to NIST 800-53 security controls.
• Plan, execute and document security risk assessments such as Green Teaming, Blue Teaming, Red Teaming, (Cooperative and Non Cooperative).
• Conduct complex system architecture analysis and security table top assessments, and provide written reports.
• Prepare and execute Red Team/Blue Team/Green Team test plans
• Interpret and validate ACAS scan results as part of system risk assessments
• Work in a team environment to achieve the Cyber Pen Test goals across the development lifecycle for Navy networked systems
Required Experience: 5 or more years of relevant experience of which:
• 2 years Red /Blue/Green Teaming: In Depth Knowledge and experience of Vulnerability Analysis, Pen Test and tools, aggregation of security risks
• 5 years combined using 3 or more of the following tools: Candidates should SHOW THE TOOLS OF your preference. For Example: NMap, NESSUS, WIRESHARK, HPing Nemesis, PW Crackers, Web Scanners, and exploitation (Metasploit for ex).
• 1 year Experience with packet injection and MIM attacks.
• In Depth Knowledge of Vulnerability mapping, scanning and discovery tools
• 3 years of experience analyzing scan results and performing false positive/false negative resolution.
• 2 years of experience contributing to or drafting Security Test and Evaluation Reports
• Demonstrated ability to effectively function in a multi-system and/or multi-application environment
Security Clearance: Yes
Education: Bachelor’s Degree and 5 years of experience, or no degree and 9 years of relevant experience. Degree is from an accredited institution in: information systems, computer science, math, or engineering or requisite experience.
Certifications: CPT, CEPT, CEH, SANS GIAC GPEN, etc…. Or Baseline certification as stipulated in DoD 8570.01-M for IAT 3 or IAM 3, and willingness to obtain “computer network offensive” certification within 1 year.
Military Specific Experience: Veteran status is a plus.