Pen Tester, SME/Level 4

Job Description

Company: Arcfield

Location: Chantilly, US

Responsibilities:
Arcfield’s Cyber programs are expanding and currently in need of Penetration Tester (Pen Tester), Level 4 (SME) professionals to review and evaluate NRO Information Systems (IS) and recommend changes to the Government that can improve information confidentiality, integrity, and availability. Note: An offer for this position is contingent upon contract award.

Responsibilities include, but are not limited to the following:

• Conduct basic reconnaissance and vulnerability scanning using established methodologies

• Identify, document, and report common vulnerabilities that could be exploited

• Perform security-focused services to improve the security posture of NRO Information Systems

• Execute active and passive penetration testing capabilities on NRO IT assets, as per government policy and direction

• Document findings in detailed reports for inclusion in Security Assessment Reports (SARs)

• Support Risk Management Framework (RMF) Steps 4 and 6 processes

• Review and write Information System Accreditation Packages (ISAPs) and Technical Information System Security Requirements (TISSRs)

• Conduct approved testing as well as writing reports following government-approved templates

• Complete ISAP/TISSR reports within 30 calendar days of on-site assessment completion

• Maintain and update report templates with government approval

• Demonstrate basic scripting abilities and understanding of network fundamentals

• Proficiently use vulnerability scanning tools

• Adhere to rules of engagement agreements between COMM Pen Testers and NRO Program ISO

• Collaborate with Program Offices to determine the scope and depth of Information System testing

Qualifications:

Required

• Must be able to possess and maintain a TS/SCI clearance with Poly

• BS 10-12 Years, MS 8-10 Years, Phd 5-7 Years

• Bachelor/STEM with 7+yrs Relevant Experience

• Certifications (One or more):

• GCIH

• GPEN

• PenTest+

• Basic scripting abilities

• Basic understanding of network fundamentals

• Basic understanding of vulnerability scanning tools

• Expertise in:

• Network protocols

• Application security

• Social engineering

• Advanced scripting

• Extensive knowledge of:

• Cybersecurity frameworks

• Industry standards

• Advanced security tools

• 6+ yrs-Pen Testing experience

• Strong leadership and project management abilities

• Excellent communication skills (both written and verbal)

• Ability to work with both technical and non-technical stakeholders

• Problem-solving and analytical thinking skills

• Ability to work under pressure and manage multiple priorities

Desired

• BS/STEM degree(s) in Computer Science, Information Technology, Cybersecurity, or a related field

• Experience with government and military IT systems, particularly in the IC and DoD environments

• Understanding of IC and DoD organizational structures and processes

• Familiarity with government reporting requirements and procedures

• Demonstrated ability to develop innovative solutions for complex technical problems

• Recognition as an authority in information security within previous roles

• Experience in developing and implementing security policies and procedures

EEO Statement:

We are an equal opportunity employer and federal government contractor. We do not discriminate against any employee or applicant for employment as protected by law.

Source: Indeed