Penetration Tester
Remote
Applications have closed
Dark Wolf Solutions
The Alphaof technology Dark Wolf Solutions operates at the nexus of mission and technology to meet our Nation's most challenging missions. JOIN THE PACK Connect Our Background About Us We combine the most innovative emerging technologies with...Dark Wolf Solutions is looking for a Penetration Tester who will plan and perform continuous cross-domain vulnerability assessments, full-scale penetration testing and red team operations. The ideal candidate must display familiarity with both cloud-based and on-premises Windows, Linux and mobile operating systems and environments and be able to conduct network and application security vulnerability analysis. The candidate will analyze both commercial and federal mission systems to help identify potential vulnerabilities and help to provide and implement remediation strategies to customers for these issues. The successful candidate must have prior experience with multiple facets of penetration testing, using and ideally developing or contributing to both open source and proprietary tools. Conducts open-source research on clients and their infrastructure to help identify data leakage that could lead to vulnerabilities. Leverages programming knowledge to develop custom tools and exploits both for targeting unique client systems and building internal testing capabilities. Travels to client sites on a semi-regular basis to conduct onsite assessments and tests. Prepares assessments and presentations of analyses and findings. Develops and maintains analytical procedures to meet changing requirements and ensure effective operations. This position is REMOTE, with the possibility of minimal travel.
Duties/Responsibilities:
Candidates may be asked to move between projects and participate in either single engagement penetration tests or continuous engagement Red Teams. The position will primarily require the candidate to lead the technical aspect of a specific, long-term penetration testing effort, helping to conduct varied testing efforts against applications and networks for the federal government. Candidates may also be placed on a larger Red Team and be expected to develop a continuous campaign-based assessment that emulates the target’s real-world adversaries by developing new tools specific to the target. Candidates will be expected to integrate into ongoing testing efforts, requiring subject matter expertise in multiple disciplines of vulnerability testing and assessment, the ability to interact and liaison directly with clients and a strong ability to write and document findings. Travel is required on an occasional basis for clients requiring onsite testing. The successful candidate will be willing to be evaluated and sponsored for a security clearance.
Required Qualifications:
- 2+ years’ experience in three or more specific areas to include: intelligence analysis, network engineering, networking security, penetration testing, red team operations, hardware engineering, software engineering, exploit development, reverse engineering, vulnerability assessment, physical security assessments, social engineering
- Strong knowledge of testing simulated intrusion attempts and physical penetration testing
- Proficiency in the testing and assessment of mobile operating systems, embedded systems and/or IoT devices
- Familiarity with unmanned aerial vehicles and associated mobile and wireless technologies
- Proficiency of various operating systems: Windows, iOS, Android, Mac or Linux
- Proficiency with cloud technology and deployments: Amazon Web Services, Microsoft Azure, Google Cloud Platform
- Moderate competency in at least one scripting and/or coding language
- Working knowledge of software development, with preference for experience working around software development teams and efforts
- Experience in network analysis methodologies
- Experience in drafting reports, documenting case details, and being able to summarize findings and recommendations based on system analysis
- Demonstrated strong written and verbal communication skills
- BS (or equivalent) in Cybersecurity, Information Security, IT, EE, Network Engineering, Computer Science, or related field
- Willingness to travel
- US Citizenship and clearable at a minimum of the Secret Level
Desired Qualifications:
- Familiarity with container technologies to include container orchestration and microservices
- Experience with DevSecOps and adjacent tools; strong preference for experience with Kubernetes, software development pipelines
- Security Certification: CEH, OSCP, PNPT or similar security/pentesting certs
- Experience employing advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis
- Experience in performing post-incident computer forensics without destruction of critical data.
- Desired experience ensuring quality assurance and the spreading of best practices
- MS degree in technical field
This position is REMOTE within the United States.
The salary range for this position is $100,000.00 - $180,000.00 commensurate on experience and location.
We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.Tags: Android Application security Azure CEH Clearance Cloud Compliance Computer Science DevSecOps Exploit Exploits Forensics GCP iOS Kubernetes Linux Microservices Open Source OSCP Pentesting Red team Reverse engineering Scripting Security assessment Security Clearance Vulnerabilities Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs