Note: US citizens and Green card holders are encouraged to apply, as we are unable to sponsor a visa at this time.
Job Description: Systems Analyst III - Penetration Testing (Raleigh NC or Eagan MN areas only) This is an onsite role
Systems Analyst supporting the Vulnerability Management & Assessments (VMA) program at the Client. The resource will be supporting Penetration Testing (PEN) and will be working with the RISK: (VMA) Team, and will be responsible for working in a team environment to conduct research/analysis of current and emerging Cyber Threats. Will define requirements, test concepts, test equipment, develop data collection requirements for tests.
•Highly skilled in web application testing, API testing, and network testing
•Prior experience with Burp Suite Professional, or other similar DAST tools
•Experience with Kali Linux and most of the tools available in the distro for penetration testing
•Experience with tools such as Metasploit Pro and Cobalt Strike for red team operations
•Experience with Red Team engagements from planning to execution
•Experience with phishing network users to gain access for lateral movement on the network
•Experience with Purple Team engagements to test monitoring controls in coordination with engineering teams and CSOC teams.
•Proficiency in scripting, such as Python and/or Powershell
•Experience with penetration testing supporting PCI-DSS
•Technical writing skills, along with ease in communicating concepts related to security vulnerabilities and attack path scenarios.
•Familiar with OWASP Application Security Verification Standard (ASVS) and MITRE ATT&CK framework
•Penetration testing certification recommended. Acceptable certifications: Offensive Security Certified Professional (OCSP), Global Information Assurance Certification (GIAC) Certifications (e.g., GIAC Certified Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), or GIAC Exploit Researcher and Advanced Penetration Tester (GXPN))
•May provide supervisory, technical, and administrative direction for personnel performing system development tasks, including the review of work products for correctness, adherence to the design concept and to user standards, and for progress in accordance with schedules.
•Formulates statements of management, scientific and business problems, and devises procedures for solutions of problems.
•4 years related work experience or eight years related work experience post high school
•3 years experience in information systems programming
•3 years experience in systems specification or structured analysis
•3 years experience with project or process management
Must possess a minimum of a Bachelors Degree in Computer Science, Information Technology or Information Security (Masters Degree preferred)
-Certified Information System Security Professional (CISSP)
• Must be able to obtain a Position of Public Trust Clearance
• Pass both a client mandated clearance process to include drug screening, criminal history check and credit check.
• Once candidate’s resume is approved and interview passed, the agency is responsible for providing drug screening. Failure to submit the drug screening results will delay the security clearance process.
• If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.
• All candidates must be a US Citizen, or have permanent residence status (Green Card).
• Candidate must have lived in the United States for the past 5 years.
• Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)
• All overtime must be pre-approved in writing by the client manager or his/her designated representative.