Cyber Security SME / Pen Tester

Springfield, VA

Novetta logo
Apply now Apply later

Posted 1 month ago

Join our team dedicated to developing and executing innovative solutions in support of customer mission success.

Job Description: 

The Cyber Security SME / Pen Tester will support an effort to develop, enhance, release, and sustain cloud-based applications for a government customer using agile software development and a DevSecOps infrastructure and focus.

Responsibilities include:

  • Advising on design and implementation of security controls for the cloud-based applications. The applications will deploy in a cross-domain approach that enables transmission of data from an application instance on an unclassified network to an application instance on a SIPRNet or JWICS networks (low to high).
  • Advising on and overseeing implementation of information assurance measures to prevent spillage in accordance with the FAR.
  • Conducting penetration test activities to identify system vulnerabilities and recommend remediation activities.

Basic Qualifications:

  • 3+ years of experience support Risk Management Framework (RMF) assessment and authorization (A&A) activities. Application hardening experience or familiarity with Security Technical Implementation Guide (STIG) concepts.
  • 1+ years of experience with cloud (private or public) environments.
  • 1+ years of penetration testing expeience.
  • Certified Ethical Hacker (CEH) certification.
  • Strong verbal and written communication skills. Able to engage with users in a professional manner and present technical concepts plainly to semi-technical customers and in documentation. Ability to interface with seasoned Government personnel.
  • Understanding of cloud security concepts.
  • Familiarity with DevSecOps and Continuous Integration / Continuous Deployment (CI/CD) concepts.
  • Eligible for clearance up to TS/SCI level.
  • Bachelors degree in Computer Science, Information Technology, or related field.

Desired Skills:

  • Active or previously held Top Secret SCI clearance.
  • Desire to learn new technologies and tools.
  • Experience with open-source style development infrastructure including open backlogs, multi- contributors, etc.
  • Experience in the DoD software development space.

Security Clearance:

  • Must be a US citizen eligible for a TS/SCI security clearance

Novetta, from complexity to clarity.

Novetta delivers highly scalable advanced analytics and secure technology solutions to address challenges of national and global significance. Focused on mission success, Novetta pioneers disruptive technologies in machine learning, data analytics, full-spectrum cyber, cloud engineering, open source analytics, and multi-INT fusion for Defense, Intelligence Community, and Federal Law Enforcement customers. Novetta is headquartered in McLean, VA with over 1,000 employees across the U.S.

Our culture is shaped by a commitment to our core values:

Integrity • We hold ourselves accountable to the highest standards of integrity and ethics.

Customer Success • We strive daily to exceed expectations and achieve customer mission success.

Employee Focus • We invest in our employees’ professional development and training, respecting individuality and fostering a culture of diversity and inclusion.

Innovation • We know that discovering new and innovative ways to solve problems is critical to our success and makes us a great company.

Excellence in Execution • We take pride in flawless execution as we build a company that is best in class.

Earn a REFERRAL BONUS for the qualified people you know. 

For more details, or to submit a referral: 


Novetta is an equal opportunity/affirmative action employer.

All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.

Job tags: Analytics CEH Clearance Machine Learning Open Source Penetration testing Security Clearance Top Secret Vulnerabilities