Penetration Tester (TS/SCI Required)

$166,400 - $166,400/Yr

Unclassified - Cambridge, MA

posted 3 months ago

Part-time - Senior
Remote - Cambridge, MA

About the position

We are currently seeking a skilled Penetration Tester with an active Top Secret Level Security Clearance to join our team on a remote, part-time contract with one of our esteemed government clients. In this role, you will play a crucial part in assessing and enhancing the security posture of our client's systems and networks through internal and external ethical hacking, along with reviewing their process for their vulnerability assessments. This position is designed for a professional who is adept at identifying vulnerabilities and providing actionable insights to improve security measures. As a Penetration Tester, you will be responsible for scheduling and holding preliminary planning meetings with the client to discuss their defined audit scope for the penetration test, testing and reporting guidelines, information security policies and procedures, and logistics information. You will also conduct approximately eight black and white box penetration tests on several information technology systems within the client's ecosystem. This involves identifying methods of gaining access to a system by using tools and techniques that attackers use, all while adhering to the client's defined audit scope and agreed-upon rules of engagement (RoE). Your role will also include preparing a finalized RoE with acceptance from the client, employer, and any third-party organizations, if applicable. You will assess how the client conducts vulnerability assessments and review the quality of the scanning tools that the client is currently using. Additionally, you will report findings of the client's vulnerability assessment process and stay current on emerging threats, vulnerabilities, and industry best practices in cybersecurity. This position requires effective communication skills to convey technical concepts to non-technical stakeholders, ensuring that all parties understand the implications of the findings and recommendations. This role is part-time, and candidates must be available throughout the length of the contract, which runs from September 2024 to May 2025, to schedule testing and report submission.

Responsibilities

  • Schedule and hold a preliminary planning meeting with the client to discuss their defined audit scope for the penetration test, testing and reporting guidelines, information security policies and procedures, and logistics information.
  • Schedule and hold an entrance meeting with the client to discuss questions, testing, RoE constraints, tools, systems to be tested, and update any parameters with information provided by the client.
  • Conduct approximately 8 black and white box penetration tests on several information technology systems within the client's ecosystem to identify methods of gaining access to a system using tools and techniques that attackers use.
  • Perform penetration and vulnerability testing in accordance with the client's defined audit scope, testing and reporting guidelines, information security policies and procedures, and agreed-upon RoE parameters.
  • Prepare finalized RoE with acceptance from the client, employer, and any third-party organization(s), if applicable.
  • Assess how the client conducts vulnerability assessments and review the quality of the scanning tools that the client is currently using for vulnerability assessments.
  • Report findings of the client's vulnerability assessment process.
  • Stay current on emerging threats, vulnerabilities, and industry best practices in cybersecurity and provide expertise and guidance on security best practices to enhance overall security posture.

Requirements

  • TOP SECRET LEVEL SECURITY CLEARANCE
  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field.
  • 10+ years experience in penetration testing, ethical hacking, or related cybersecurity roles.
  • No previous experience working for an Intelligence Agency in the past 10 years
  • Strong understanding of cybersecurity principles, methodologies, and technologies.
  • Hands-on experience with penetration testing tools and techniques, such as Metasploit, Wireshark, and Nmap.
  • Ability to perform penetration tests using own tools and hardware.
  • Effective communication skills, both verbal and written, to convey technical concepts to non-technical stakeholders.
  • Must have (1) of Certified Ethical Hacker (CEH), CISSP, CISA, CISM, NSA Cyber Red Team, Offensive Security Certified Professional (OSCP), Certified Red Team Operator, or GIAC Penetration Tester (GPEN) certification.

Benefits

  • Remote work opportunity
  • Competitive pay at $80.00 per hour
  • Flexible part-time schedule
  • Opportunity to contribute to critical cybersecurity initiatives

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service