Job Overview
Job Role: Cyber Security Test Specialist
Location - Airlington, VA (Hybrid)
Duration- Longterm
Description:
The Cybersecurity Operations Unit is seeking a security test and evaluation professional who will support the design, development, and implementation of a Threat Emulation capability for the unit.
Threat Emulation is a new function managed under the Cybersecurity Operations Unit (Cyber Ops Unit) within the Board’s Division of Information Technology’s Information Security Branch. The Information Security Branch is seeking to establish a Threat Emulation capability that will perform penetration testing, conduct purple team exercises, and perform a variety of security control assessment activities on pre- and post-deployment appliances, applications, and systems. The Contractor shall provide technical expertise and assist with the establishment and implementation of a formal Threat Emulation function for the Board. The contractor shall:
Help the Board build a program designed to identify weaknesses in Board systems and deficiencies in the Board’s security defenses by mimicking the attack techniques used by real-world threat actors
Conduct security tests as needed to identify potential security issues that require remediation within the Board’s systems or network
Requirements:
The candidate shall possess the knowledge and skills set forth in the Specialized Cybersecurity and Privacy Support Services BOA, Section H.3.f. for Labor Category 6, Senior Security Test and Evaluation, with the following set of additional knowledge and experience:
Knowledge of current cyber threat actor tactics, techniques, and procedures (TTPs)
Experience designing security tests that emulate cyber threat actor TTPs
Experience with TTPs pertinent to local (on-premises) and cloud environments
While candidates are not required to have these certifications, knowledge should be consistent with that of the following certifications: GIAC Certified Enterprise Penetration Test (GPEN), GIAC Cloud Penetration Testing (GCPN), and/or Offensive Security Experienced Penetration Tester (OSEP)
Responsibilities:
The candidate shall provide support that includes, but is not limited to, the following tasks:
Support the design of a Threat Emulation function for the Cyber Ops Unit, to include the development of any documentation required to build the program and gain approval for the various functions (e.g., penetration testing, purple teaming, red teaming, security test and evaluation, closed environment / offline threat emulation, static/dynamic application testing)
Perform the duties of a Threat Emulation analyst on behalf of the Cyber Ops Unit
Build presentations and design demonstrations to inform senior leadership on the various functions of the program
Conduct internal and external security testing, mimicking real-world attack techniques to identify vulnerable systems or opportunities for circumventing the Board’s security defenses
Leverage commercial and open-source tools for scanning and security testing (e.g., nmap, Nessus, Kali Linux, Cobalt Strike, Virtualization, Metasploit, etc.)
Develop custom exploits and/or design security tests to emulate threats and demonstrate the potential vulnerabilities within the Board’s network
Perform application analysis, reverse engineering, and malware analysis as needed, to include the use of an offline workstation to analyze the functions of raw code to identify its functionality and develop defenses tailored to the Board
Identify potential flaws and vulnerabilities in external and internal systems, demonstrate how those weaknesses could be exploited, and support the development of countermeasures to reduce or mitigate risk
Conduct security gap analyses to identify potential vulnerabilities/weaknesses in Board systems and networks (Note: While there may be no vulnerabilities present, certain design choices might expose the Board to risk. This risk shall be identified and solutions shall be designed to protect Board resources.)
Attempt manual and/or automated exploitation of vulnerabilities and document each step and the results
Conduct scenario-based and functional security testing during authenticated and unauthenticated testing
Develop comprehensive reports and presentations for both technical and executive audiences, tailor the content to meet the audiences where they are, and design the messaging to help the Board mitigate risks and identify defensive options
Job Types: Full-time, Contract
Pay: $40.00 - $50.00 per hour
Benefits:
- Dental insurance
- Health insurance
- Paid time off
Schedule:
- 8 hour shift
- Monday to Friday
Application Question(s):
- Candidate should be US citizen and should have TTP experience.
Experience:
- Penetration testing: 5 years (Required)
- Cybersecurity: 5 years (Required)
Ability to Commute:
- Arlington, VA 20598 (Required)
Ability to Relocate:
- Arlington, VA 20598: Relocate before starting work (Required)
Work Location: Hybrid remote in Arlington, VA 20598