Cyber Systems Security Assessor - Penetration Tester

US-TX-San Antonio
5 days ago
Requisition ID
2017-38170
# of Openings
1
Category
Cyber Security
Minimum Clearance
Secret

About Engility

Engility delivers innovative solutions to critical challenges facing the nation and the world. As a premier provider of integrated services for the U.S. government, we support the Department of Defense, intelligence community, space communities, federal civilian agencies and international customers. Engility is dedicated to making lives better, safer and more secure.

Description

Are you a problem solver? Do you like complex, challenging puzzles?  If so, this position just might be just what you’re looking for.  This position involves a blending of several disciplines to include, but not limited, penetration testing, reverse engineering, and code/script development.  A common scenario would be for the customer to provide a software application, operating system or suite of tools, in which the Penetration Tester, adhering to customer goals or objectives, would analyze, evaluate  and identify vulnerabilities, zero days and vectors an adversary could potentially use to gain regular and privileged access. As a minimum, this position requires a demonstrated ability to reverse engineer executables to identify flaws and create and operationally test exploits to take advantage of an identified vulnerability or zero days.  Applicants MUST have penetration test experience to be considered.   

 

More specifically, the candidate will:

  • Conduct vulnerability, compliance and in-depth penetration testing and reverse engineering on AF/DoD systems, in support of Cyber Vulnerability Assessments (CVA).
  • Have strong UNIX/LINUX fundamentals along with familiarity of UNIX/LINUX/Windows CLI.
  • Demonstrate an ability to methodically analyze problems, identify solutions and remain composed in potentially stressful situations.
  • Analyze, disassemble, and reverse engineer code/executables to discern weaknesses for exploitation; document and transition results in reports, presentations and technical exchanges.
  • Adequately explain, present, demonstrate [when applicable] and document the operational impact of a particular vulnerability.
  • Assist customer with implementing policies and tactics, techniques and procedures for conducting assessments.
  • Possess understanding of Microsoft Office Suite.
  • Exhibit good writing and communications skills, to include the ability to render concise reports, summaries, and formal oral presentations.
  • Understand and be proficient in common cyber threat terminology, methodologies, possess basic understanding of cyber incident and response, and related current events.
  • Travel up to 25% supporting assessment up to 3 weeks in duration in support of the customer.

Required Qualifications

  • Must possess an active Secret security clearance and be able to obtain a TS/SCI security clearance.
  • Must possess or be willing to obtain an IAT Level III certification: CISSP (or Associate), CASP, CISA, GCED, GCIH, or CCNP-Security.
  • Must possess or be willing to obtain a penetration tester certification (i.e., GPEN, GXPN, GWAPT), MCSA and UNIX/Linux certifications within set timeframe.
  • Minimum Bachelor’s degree and 2 years’ experience, Associates degree with 4 years’ experience or 6 years equivalent experience without a degree; degrees focused on engineering or applied science. 
  • Hands on experience with penetration testing and reverse engineering, The Metasploit Framework, Burp Suite, or similar architecture(s)/app(s) (5 years).
  • Experience in working with and in a network systems security environment with a focus on security and information assurance (5 years).
  • Familiarity with the following protocols:  ARP, DHCP, DNS, DSN, FTP, HTTP, IMAP, ICMP, IDRP, IP, IRC, NFS, POP3, PAR, RLOGIN, SMB, SMTP, SSL, SSH, TCP, TELNET, UDP.
  • Strong knowledge of Windows® Internals, Windows® Application Programming Interfaces (API), Portable Executable (PE) formats, Windows® Registry, and security models.
  • Advanced experience with Linux+, Power Shell, SED, AWK, Perl, Python, Batch, or similar.
  • Must complete self-assessment questionnaire, customer pre-screen, skills assessment lab, and pass the customer’s training and certification program and remain mission ready qualified.
  • Candidate should be self-motivated with minimal supervision.

 

Desired Qualifications

  • Database (e.g., OCP, Postgres, CMDBA, MSDBA, MS SQL Server, etc.), GREM and C|EH a plus.
  • Experience or familiarity with military operations highly desirable. 

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.

Engility is proud to be an Affirmative Action/Equal Opportunity Employer. Engility provides equal employment opportunity for all persons, in all facets of employment. Engility maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks. If you are a qualified individual with a disability or a disabled veteran, and need a reasonable accommodation to use or access our online system, please contact us via our home page.