What are the responsibilities and job description for the Penetration Tester - Security Clearance Required position at SAIC?
Description
SAIC is seeking a highly motivated Penetration Tester. The successful candidate will provide support to the Cybersecurity Integrity Center (CIC) in the Department of State Bureau of Diplomatic Technologies (DT). Duties are in the Washington, D.C. metropolitan area (30% in downtown D.C; 70% in Beltsville, MD. The CIC supports cybersecurity monitoring, threat analysis, incident response, and infrastructure remediation within and across all of the State Department’s information technology (IT) infrastructure. The CIC coordinates and collaborates with other State Department bureaus as well as other organizations within the Federal Government, and commercial partners.
This role requires 4 days / week onsite. May be 5 days while pen test is being performed.
Description of Duties :
The Penetration Tester will provide support for HVA Assessments using methodology by Cybersecurity and Infrastructure Security Agency (CISA) Assessment Evaluation and Standardization (AES) program with broad and in-depth knowledge to conduct offensive cyber operations across the organization globally. In this role, you will conduct offensive security operations to emulate adversary tactics and procedures to test preventative, detective, and response controls across the global technology landscape. The Penetration Tester will :
Conduct highly complex offensive security operations testing consistent with known adversary tactics techniques and procedures and contribute to the development of objectives and approaches taken to remediate risk.
- Apply sound technical and management principles to identify and remediate cybersecurity vulnerabilities across the State Department global IT enterprise infrastructure and evaluate system perform risk assessments, and evaluate performance metrics.
Responsibilities include :
Develop, Identify and resolve security vulnerabilities related to deployment and testing processes
Collaborate with Department and external cyber stakeholders on cybersecurity technology implementations to meet specific operational needs.
Perform technical evaluations of recommended vulnerability mitigation actions and make recommendations based on impact and / or other countermeasures.
Qualifications
Required Education & Experience :
Required Clearance
Desired :
LPT (Licensed Penetration Testers.
Familiarity of various analytical tools (Splunk, USBDeview, Netwitness, MimiKatz).
Understanding of Security Information and Event Management (SIEM) tools (Splunk, McAfee).
Familiarity of Cobalt Strike, Nessus, Kali Linux, Burp Suite, Nmap and OpenVAS for databases.
Skill in the use of social engineering techniques and using penetration testing tools.
Interpersonal skills including the ability to collaborate effectively, and excellent written and oral communications.
Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Server / endpoint OS (Microsoft, Linux, IOS) along with mobile and cloud technologies.
Knowledge of network protocols such as TCP / IP, Dynamic Host Configuration Protocol (DHCP), domain name system, and directory services.
Ability to generate and implement capabilities to monitor organization’s network in real-time.
Ability to provide Vulnerability Scanning Risk Assessment.
Target salary range : $160,001 - $200,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy : SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Salary : $160,001 - $200,000
