This position will work a rotating hybrid schedule in Arlington, VA. WEEK 1 - 2 days onsite, 3 days remote WEEK 2 - 3 days onsite, 2 days remote.
 
 This role supports the Penetration Testing (Red Cell) Team.
 
What you’ll do:

• Assesses the current state of the customer’s system security by identifying all vulnerabilities and security measures. Helps customer perform analysis and mitigation of security vulnerabilities.
• Perform and report on penetration testing of systems including cloud to satisfy the NIST 800-53 CA-8 security control and using methodologies that may include, NIST SP 800-115, Penetration Testing Execution Standard (PTES), and Information Systems Security Assessment Framework (ISSAF).
• Stay abreast of current attack vectors and unique methods for exploitation of computer networks.
• Provide support to incident response teams through capability enhancement and reporting.
• Assist in maintaining Red Cell infrastructure.
• Develop or modify tools that automate discovery or exploitation (e.g. bash, Python, JavaScript,powershell).

 
Qualifications:
Required qualifications:
To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below: 

• A Bachelor of Science degree and 5 to 7 years of experience is required. In lieu of a Bachelor's degree, 4 years of additional experience may be substituted 
• US citizenship required with the ability to obtain interim Top Secret security clearance before starting.
• Must be able to work a hybrid schedule. 
• Basic understanding of networking and security principles.
• Familiar in evaluating system security configurations.
• Understand common Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.
• Experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, etc.
• Fundamentals of network routing & switching and assessing network device configurations
• Familiarity in evaluating findings and performing root cause analysis.
• Ability to work alone or in a small group.

 
Preferred Qualifications
Candidates with these preferred skills will be given preferential consideration: 

• Possess Sec+, Net+, CEH or other Penetration Testing or Security based certifications