Red Team Penetration Tester

Overview

For two decades, Millennium Corporation has been operating on the leading edge of cybersecurity. Our elite team of more than 400 experts has an unparalleled record of performance supporting Red Team Operations, Defensive Cyber Operations, Software Engineering, and Technical Engineering. With the largest contingent of contracted Red Team operators in the DoD, we provide an unmatched level of threat intelligence and battle-tested experience for customers in both the DoD and federal civilian markets.

What We Believe

We believe that diversity is a fact, inclusion is a choice.  At Millennium Corporation, we are inclusive. We celebrate multiple approaches and different points of view. We strongly believe that diversity drives innovation, and we are building a culture where differences are valued. We are always growing our programs and we offer tools to help our employees grow and manage their careers.

Millennium is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. Millennium promotes affirmative action for women, minorities, disabled persons, LGBTQ+ and veterans.

Responsibilities

Millennium Corporation is hiring a Red Team Penetration Tester / Engineer to work in Virginia Beach OR Dahlgren, VA. The candidate must have an active TS/SCI clearance.

The ideal candidate will:

• Provide Cybersecurity Test and Evaluation Support. This effort covers all aspects of Cyber testing to include beginning with planning requirements and concluding providing reports and recommended solutions.  
• Provide support by utilizing experience in automation using Powershell, PowerAutomate, Logic Apps, Graph API.
• Provide support by utilizing experience conducting Red Team operations in an MDE environment.
• Provide support by utilizing experience with AWS, Cloud Audit, Serverless and Microservice Architecture.
• Provide support utilizing experience working with AWS services (such as EC2, S3, KMS, RDS) and security best practices relevant to those services.
• Provide support by performing web application and API penetration testing, and Cloud Security Audits.
• Provide support by utilizing experience with Web Services penetration testing (RESTful and SOAP) Web Authentication protocols (e.g. OAuth2, SAML, LDAP).
• Providing support by writing proof of concept code to demonstrate the severity of a potential security issues.

Qualifications

• Candidate must have an active TS/SCI security clearance.
• With an accredited bachelor's degree within a relevant area the candidate must have a minimum of 6 years of experience. With a masters degree, a minimum of 3 years of experience.
• Must have a CFR, Cloud+, CySA+, GCED, GICSP or PenTest+ certification. 
• Must also possess a Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE) or Offensive Security Wireless Professional (OSWP) certification.
• Demonstrated experience performing vulnerability assessments with the Assured Compliance Assessment Solution (ACAS) tool.
• Demonstrated experience utilizing penetration tools and mimicking threat behavior.
• Demonstrated experience with performing STIG assessments to include using SCAP benchmarks.
• Shall have demonstrated experience utilizing packet analyzer tools such as Wireshark and tcpdump.

Business Development

Assist with Business Development activities as required to support Millennium's strategic business objectives, which may include but not limited to participation in technical interviews, creation of technical documentation, general proposal writing support and proposal color reviews.

Physical Requirements

• Must be comfortable with prolonged periods of sitting at a desk and working on a computer.
• Must be able to lift up to 10-15 pounds at a time.

Travel Requirements

Up to 25%