Penetration Tester
Peraton - Bethesda, MD
posted 7 days ago
About the position
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Responsibilities
- Collaborates to identify access and collection gaps that can be satisfied through cyber collection and/or preparation activities.
- Leverages all authorized resources and analytic techniques to penetrate targeted networks.
- Assesses data for new or continued opportunities, communicates complex information concepts or ideas in a well-organized manner through verbal, written, and/or visual means.
- Creates comprehensive strategies to develop and maintain accesses to systems.
- Conducts remote exploitation and provides technical experience, analyzes intelligence information, technical data, and exploitation opportunities.
- Evaluates, analyzes, and synthesizes large quantities of data into high quality, fused targeting, and intelligence products.
Requirements
- Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
- Active TS/SCI with polygraph
- Experience and familiarity with the assessment methods defined in NIST SP 800-30 and NIST SP 800-53A
- Experience in drafting written reports
- Extensive experience in reviewing and examining data and information that supports cybersecurity assessments
- Experience in pen testing fundamentals
- Experience in pen testing tools including scanners like Nessus and Nmap
- CISSP certification
- A minimum of three years of performing authorized pen testing on enterprise networks
- Gaining access to targeted networks
- Applying expertise to enable new exploitation and maintaining access
- Obeying appropriate laws and regulations
- Providing infrastructure analysis
- Performing analysis of physical and logical digital technologies
- Conducting in-depth target and technical analysis
- Creating exploitation strategies for identified vulnerabilities
- Monitoring target networks
- Profiling network users or system administrators and their activities
Benefits
- Heavily subsidized employee benefits coverage for you and your dependents
- 25 days of PTO accrued annually up to a generous PTO cap
- Eligible to participate in an attractive bonus plan
