Cyber Security Engineer (Penetration Testing) TS/SCI w/ Poly

The Sponsor’s team provides a highly technical and in-depth penetration testing service, in support of enterprise cyber security equities. The Sponsor requires support specializing in penetration testing and ethical hacking, to target, assess, and exploit risk and vulnerabilities of information systems. The intent is to provide senior decision makers with documented and actionable data to aid in making strategic investment decisions.

The candidate  MUST  have experience  with cyber penetration testing, leveraging adversarial tactics to conduct hands-on security testing, and applying computer attack methods and system exploitation techniques. 

The candidate  MUST  have experience  with the cyber security principles for Linux, Windows, and virtual platforms  as well as  performing network security analysis and analyzing network architectures.

Work Requirements

Contractor Support; HRR; Yes

The Contractor shall document all identified system risks, planned test procedures, and results.

The Contractor shall perform analyses of vulnerabilities identified during testing.

The Contractor shall review program-level documentation such as requirements specification, system architecture, design documents, test plans, and security plans.

The Contractor shall create and document penetration testing plans and procedures.

The Contractor shall conduct hands-on penetration testing by leveraging approved testing plans and procedures.

The Contractor shall analyze penetration test results, document risks, and recommend countermeasures to uncovered risks.

The Contractor shall participate or lead technical exchange meetings and application review boards.

The Contractor shall document action items and results from technical exchange meetings and application review boards.

The Contractor shall brief management on the status of action items and results of activities.

required skills and demonstrated experience

The Contractor shall have the following required skills, certifications and demonstrated experience:

· Demonstrated work experience in cyber security or related IT field.

· Demonstrated experience with cyber penetration testing.

· Demonstrated experience leveraging adversarial tactics to conduct hands-on security testing.

· Demonstrated experience applying computer attack methods and system exploitation techniques.

· Demonstrated working knowledge of cyber security principles for Linux, Windows, and virtual platforms.

· Demonstrated experience designing, testing, or implementing IT security architecture.

· Demonstrated experience performing network security analysis.

· Demonstrated experience analyzing network architectures.

· Demonstrated experience using network management tools

· Demonstrated experience developing risk management methodologies.

· Demonstrated experience analyzing test results to develop risk and threat mitigation plans.

· Demonstrated experience testing or reviewing system configuration, development, and design specifically around enterprise systems and hypervisors.

· Demonstrated experience designing, testing, or implementing complex Windows installations.

Highly Desired skills and demonstrated experience

Skills and demonstrated experiences that are highly desired but not required to perform the work include:

· Demonstrated experience participating in public and private information security groups and organizations.

· Demonstrated experience communicating vulnerability results and risk posture to senior executives.

· Demonstrated experience performing complex technical tasks with minimal direction.

· A Bachelor's degree in Computer Science, Information Systems, Engineering, or other related scientific or technical discipline.

· Two or more of the relevant certifications:

o Offensive Security Certified Professional (OSCP)

o Global Information Assurance Certification Penetration Tester (GPEN)

o eLearn Security Certified Professional Penetration Tester (eCPPTv2)

Global Information Assurance Certification Web Application Penetration Tester (GWAPT)

• Leading Path is an award-winning Information Technology and Management Consulting firm focused on providing solutions in process, technology, and operations to our government and Fortune 500 clients. We offer a professional and family friendly work environment with a strong work-life balance. Leading Path provides a comprehensive and competitive benefits package including medical/dental/vision coverage, PTO, Paid Holidays, 401K contribution, tuition reimbursement, regular team events, opportunities for professional growth and advancement and much more!