Agile Defense
Penetration Testing SME
Agile Defense, Greendale, Wisconsin, United States, 53129
Agile Defense At the forefront of innovation, driving advanced capabilities and solutions tailored to the most critical national security and civilian missions. At Agile Defense we know that action defines the outcome and new challenges require new solutions. That’s why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility—leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation’s vital interests.Requisition #:
643Job Title:
Penetration Testing SMELocation:
Remote (Alexandria, VA)Clearance Level:
Active DoD - SecretRequired Certification(s):
PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA or possess a willingness to pursue certifications after hireSUMMARYThe United States Patent and Trademark Office (USPTO), Cybersecurity Division, has a requirement to enhance existing Pen Test resources with the goal of improving the Pen Test team’s capability in assessing external-facing agency systems. A successful candidate will have verifiable experience in offensive security, attack simulation, scripting, and communication skills. Strong technical capabilities, and an understanding of in-scope systems to the organization with respect to operational impact. It is important as a key function of the role is to work closely with production teams of systems assessed.JOB DUTIES AND RESPONSIBILITIES• Conduct Penetration Testing (application and/or infrastructure) and articulate security issues to both technical and non-technical audiences• Identify, research, validate, and exploit various known and unknown security vulnerabilities• Coordinate with business and technical contacts to assist in the development and delivery of secure solutions• Compose detailed, technical, attack narratives which outline specific attack chains utilized, clear impact of vulnerabilities discovered, and suggested paths to remediation which address root cause of identified weak points in enterprise security architectureQUALIFICATIONSRequired Certifications:
PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA or possess a willingness to pursue certifications after hireEducation, Background, and Years of Experience:
Bachelor’s degree/University degree or equivalent experienceADDITIONAL SKILLS & QUALIFICATIONSRequired Skills:• 5+ years of relevant experience with the requirements below:• Extensive experience working with Offensive Security Methodologies and Attack Simulation Techniques• Offensive Security testing tools, e.g., Cobalt Strike, Kali Linux, Bloodhound, Red Team Toolkits• Exploitation frameworks, e.g., Metasploit, CANVAS, Core Impact• Deep understanding of OSI model• OS Security, e.g., Unix/Linux, Windows, OSX• Understanding of common protocols, e.g., HTTP, LDAP, SMTP, DNS• Web application infrastructure, e.g., Application Servers, Web Servers, Databases• Demonstrated ability to collaborate with a variety of analytical groups and service delivery organizations• Advanced analytical and problem-solving skills• Consistently demonstrates clear and concise written and verbal communication• Proficient in interpreting and applying policies, standards and procedures• Demonstrated ability to remain unbiased in a diverse working environmentPreferred Skills:• Experience leveraging the MITRE ATT&CK Framework• Vulnerability Assessment tools, e.g., Nessus, Qualys, Rapid7• Social Engineering campaigns, e.g., email phishing, phone calls, SET• Security devices, i.e., Firewalls, VPN, AAA systems• Web development and programming languages, e.g., Python, Perl, Ruby, Java, .NetWORKING CONDITIONSEnvironmental Conditions:
RemoteStrength Demands:
Sedentary – 10 lbs. Maximum lifting, occasional lift/carry of small articles. Some occasional walking or standing may be required.Physical Requirements:
Stand or Sit; Repetitive Motion; Use Hands / Fingers to Handle or Feel; SeeEmployees of Agile Defense are our number one priority, and the importance we place on our culture here is fundamental. Our culture is alive and evolving, but it always stays true to its roots. Here, you are valued as a family member, and we believe that we can accomplish great things together. Agile Defense has been highly successful in the past few years due to our employees and the culture we create together.Equal Opportunity Employer/Protected Veterans/Individuals with DisabilitiesThe contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.
#J-18808-Ljbffr
643Job Title:
Penetration Testing SMELocation:
Remote (Alexandria, VA)Clearance Level:
Active DoD - SecretRequired Certification(s):
PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA or possess a willingness to pursue certifications after hireSUMMARYThe United States Patent and Trademark Office (USPTO), Cybersecurity Division, has a requirement to enhance existing Pen Test resources with the goal of improving the Pen Test team’s capability in assessing external-facing agency systems. A successful candidate will have verifiable experience in offensive security, attack simulation, scripting, and communication skills. Strong technical capabilities, and an understanding of in-scope systems to the organization with respect to operational impact. It is important as a key function of the role is to work closely with production teams of systems assessed.JOB DUTIES AND RESPONSIBILITIES• Conduct Penetration Testing (application and/or infrastructure) and articulate security issues to both technical and non-technical audiences• Identify, research, validate, and exploit various known and unknown security vulnerabilities• Coordinate with business and technical contacts to assist in the development and delivery of secure solutions• Compose detailed, technical, attack narratives which outline specific attack chains utilized, clear impact of vulnerabilities discovered, and suggested paths to remediation which address root cause of identified weak points in enterprise security architectureQUALIFICATIONSRequired Certifications:
PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA or possess a willingness to pursue certifications after hireEducation, Background, and Years of Experience:
Bachelor’s degree/University degree or equivalent experienceADDITIONAL SKILLS & QUALIFICATIONSRequired Skills:• 5+ years of relevant experience with the requirements below:• Extensive experience working with Offensive Security Methodologies and Attack Simulation Techniques• Offensive Security testing tools, e.g., Cobalt Strike, Kali Linux, Bloodhound, Red Team Toolkits• Exploitation frameworks, e.g., Metasploit, CANVAS, Core Impact• Deep understanding of OSI model• OS Security, e.g., Unix/Linux, Windows, OSX• Understanding of common protocols, e.g., HTTP, LDAP, SMTP, DNS• Web application infrastructure, e.g., Application Servers, Web Servers, Databases• Demonstrated ability to collaborate with a variety of analytical groups and service delivery organizations• Advanced analytical and problem-solving skills• Consistently demonstrates clear and concise written and verbal communication• Proficient in interpreting and applying policies, standards and procedures• Demonstrated ability to remain unbiased in a diverse working environmentPreferred Skills:• Experience leveraging the MITRE ATT&CK Framework• Vulnerability Assessment tools, e.g., Nessus, Qualys, Rapid7• Social Engineering campaigns, e.g., email phishing, phone calls, SET• Security devices, i.e., Firewalls, VPN, AAA systems• Web development and programming languages, e.g., Python, Perl, Ruby, Java, .NetWORKING CONDITIONSEnvironmental Conditions:
RemoteStrength Demands:
Sedentary – 10 lbs. Maximum lifting, occasional lift/carry of small articles. Some occasional walking or standing may be required.Physical Requirements:
Stand or Sit; Repetitive Motion; Use Hands / Fingers to Handle or Feel; SeeEmployees of Agile Defense are our number one priority, and the importance we place on our culture here is fundamental. Our culture is alive and evolving, but it always stays true to its roots. Here, you are valued as a family member, and we believe that we can accomplish great things together. Agile Defense has been highly successful in the past few years due to our employees and the culture we create together.Equal Opportunity Employer/Protected Veterans/Individuals with DisabilitiesThe contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.
#J-18808-Ljbffr