Penetration Tester

EOE STATEMENT We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.
CATEGORY Information Technology
DESCRIPTION Support Navy client by performing vulnerability scans and penetration testing using tools such as Tenable Nessus and Tenable Security Center, reviewing vulnerability findings to assess prevalence and severity, using data analysis and other tools such as SQL, stream editors, spreadsheet pivot tables, LDAP queries, Unix/Linux CLI, nmap, tcpdump, Wireshark, shell scripting, and Puppet, maintaining and utilizing Blue Team tools such as Bluescope, Multiverse, and Dark Ether. Additional duties include troubleshooting using fundamental network knowledge such as Internet Protocol version 6 (IPv6), Open Systems Interconnect (OSI) model, and Transport Control Protocol/Internet Protocol (TCP/IP), maintaining awareness of DoD IA Vulnerability Management: deadlines, announcements, assess applicability, and plan responses, as well as researching and documenting remediation strategies for vulnerabilities and building custom reports for data calls.
  1. Bachelor’s Degree in Computer Science or Computer Engineering or Information Systems or other STEM AND two (2) years of relevant work experience, OR Associates Degree (STEM) AND four (4) years of relevant work experience, OR High School Diploma AND six (6) years of relevant work experience
  2. One (1) of the following commercial certifications:
    1. CompTIA Security + (SY0-301)
    2. International Information Systems Security Certification Consortium (ISC2) Certified Authorization Professional (CAP)
    3. CompTIA Advanced Security Practitioner (CASP)
    4. Information Systems Audit and Control Association (ISACA) Certified Information Security Manager (CISM)
    5. ISC2 Certified Information Systems Security Professional (CISSP)
    6. Global Information Assurance Certification (GIAC) Security Leadership Certification (GSLC)

3)  Two (2) of the following commercial certifications:

  1. Microsoft Certified Technology Specialist (MCTS): Windows Server 2008 Active Directory, Configuring – Server 2008 (70-640)
  2. MCTS: Windows Server 2008 Network Infrastructure, Configuring – Server 2008 (70-642)
  3. Installing and Configuring Windows Server 2012 – Server 2012 (70-410)
  4. Administering Windows Server 2012 – Server 2012 (70-411); OR

One (1) of the following commercial certifications:

a.  Microsoft Certified IT Professional (MCITP): Enterprise Administrator on Windows Server 2008 – MCITP (Enterprise Administrator)

b. MCITP: Server Administrator on Windows Server 2008 – MCITP (Server Administrator)

c. Microsoft Certified Systems Administrator (MCSA)

d. Microsoft Certified Systems Engineer (MCSE 2012); OR

One  (1) of the following commercial certifications:

a.  Linux Professional Institute (LPI) Advanced Level Linux Professional  Certification– LPIC-2

b. Oracle Certified Professional – Oracle Solaris Systems Administrator (OCP-OSSA)

c. Red Hat Certified Engineer (RHCE)

d. Red Hat Certified System Administrator (RHCSA)

e. Sun Certified Network Administrator (Oracle Solaris) (SCNA)

f. Sun Certified System Administrator (Oracle Solaris) (SCSA)

g. CompTIA Linux+

h. LPI – Senior Level Linux Professional Certification (LPIC-3)

i. Oracle Certified Expert – Oracle Solaris System Administrator (OCE-OSSA)

j. Red Hat Certified Datacenter Specialist (RHCDS));

4) EC-Council Certified Ethical Hacker (CEH) certification

5) Two (2) years of demonstrated experience in Commercial and Open Source penetration toolsets including Metasploit and Kali

6) Demonstrated knowledge with Navy and NSA Blue Team toolsets (i.e., Bluescope, Darkether, and Multiverse)

POSITION Penetration Tester
LOCATION Kros-Wise HQ San Diego


. . . . . . . .

Leave a Reply