GovSG is looking for a Penetration Tester to perform primarily Red Team activities to assist in the defense of a Research, Development, Test, and Evaluation (RDT&E) network supporting a US Government customer. The selected candidate will primarily be responsible for assessing the current state of the services and infrastructure supporting NIWC, providing the following support:
- Performing penetration testing against a variety of applications using tools such as BURP.
- Perform proof of concept on new exploits to determine if supported networks are vulnerable.
- Ensure signature-based scanning tools are operational.
- This position is 100% onsite in San Diego, CA.
Position Required:
- 4 years of relevant experience
- Drafting and review of SOPs (Standard Operation Procedures and POCs (Proofs of Concept)
- Experience as a System Administrator/Network Administrator
- Basic to medium knowledge of core Linux elements
- Experience with vulnerability enumeration and remediation
- Experience with DoD STIGs
- Scripting experience (Powershell, BASH, or Python preferred)
- Experience with virtual machines (vSphere, Virtual Box, KVM, QEMU)
Position Desired:
- Knowledge of Burp Suite security tools
- Knowledge of ACAS suite management, installation, upkeep, and troubleshooting
- Experience with Kali Linux tools such as nMAP, TCPDump, WireShark
- Knowledge of web development and HTML structure
- Working knowledge of OSI network model and network traffic flow
- Working knowledge of Palo Alto firewalls
- Basic knowledge of Ports, Protocols, Services, and Management (PPSM’s)
- Working knowledge of Windows Server core elements (Domain Controller, Active Directory, Registry, GPO creation, DISM, SCCM)
- Medium to Advance knowledge of network configuration for switches and routers
- Basic understanding of vulnerability research and exploitation
- Basic knowledge of physical security
- Basic knowledge of hardware exploitation
- Basic knowledge of Cloud core elements
- Penetration testing experience
Required Certifications (IAT Level II):
One of the following:
- CySA+
- Security+
- CCNA - Security
- GICSP
- GSEC
- SSCP
And
- MCSA, Linux+ or other equivalent operating environment certification (equivalent training can be used in lieu of certification)
Salary: $100,000- $118,000. Actual compensation offered to candidate may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level. The pay ratio between base pay and target incentive (if applicable) will be finalized at offer.
Why You’ll Want to Work at GovSG:
- Competitive pay and benefits, including PTO and company matched 401k
- Development opportunities through comprehensive training suite
- Ability to make an impact supporting the warfighter
- Opportunities to engage with the community through volunteering
- The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.
GovSG is an Equal Opportunity Employer, including Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, pregnancy, sex, sexual orientation, national origin, genetic information, physical or mental disability, military service, protected veteran status, or any other characteristic protected by applicable federal, state and local law. Know your Rights: If you would like more information, please visit www.eeoc.gov/poster.
GovSG participates in E-Verify.