Cyber Security Engineer (Penetration Tester)

SkyePoint Decisions, Inc. is seeking a highly motivated team member to fill the role of Penetration Tester to join our team supporting the Department of Education’s (DoED) Cybersecurity Federal Student Aid (FSA) and Privacy Support Services (CPSS) in Washington, DC. The cybersecurity risk management services support the CSO Information Security and Cyber Protection Program by providing a structured approach to integrating risk management and information security into the System Development Lifecycle (SDLC) of IT systems and services. These services also support Authorizing Officials (AOs), Authorizing Official Designated Representatives (AODRs), Common Control Provider (CCPs), and System Owners (SOs) to ensure security and privacy risks are managed through the Risk Management Framework (RMF). Cybersecurity defense, engineering, and IR provide the measures to protect and defend information and systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.

Responsibilities

• Perform Vulnerability Assessments Security/Penetration Testing Identity and Access Management (IdAM) Support
• Perform Penetration Testing consistent with DHS RVA standards, guidelines, and templates
• Perform internal and external Pentest against systems to determine vulnerabilities, provide actionable insights and offer mitigation strategies.
• Ensure that appropriate vulnerability and penetration tests are scheduled, conducted, analyzed, and presented to the system owner ad information systems security officer (ISSO)
• Perform web app penetration testing
• Perform cyber incident response as needed for programs
• Provide knowledge in computer and network
• Develop, research, and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption

Qualifications

• Must be able to obtain a DoED Level 6C High Risk/Public.  Top Secret Clearance preferred.
• A Bachelor's degree in computer science or engineering, Cybersecurity, or IT from an accredited college and minimum of three years relevant experience
• Experience using penetration testing tools and techniques (Burp Suite, BloodHound, Responder, Pass-the-Hash)
• Experience with web app testing and network testing
• Use of social engineering techniques (e.g., phishing, baiting, tailgating, etc.)
• Using network analysis tools to identify vulnerabilities (e.g., fuzzing, nmap, etc.)
• At least three (3) years of concurrent experience supporting cybersecurity enterprise monitoring, vulnerability assessment, and penetration testing (i.e., testing tools, phishing, social engineering, cyberattacks) for the Federal Government
• At least three (3) years of experience supporting identity and access management for the Federal Government
• CISSP, CEH, GPEN or equivalent certification required

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider headquartered in Dulles, Virginia with operations across the U.S. We provide innovative enterprise-wide solutions as well as targeted services addressing the complex challenges faced by our federal government clients. Our focus is on enabling our clients to most efficiently and effectively deliver their mission – anytime, anywhere, securely. We combine technical expertise, mission awareness, and an empowered workforce to produce meaningful results.

SkyePoint Decisions is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 (with SAM) for Services. We possess a common vision of excellence and foster a collaborative team culture built upon individual performance and accountability. We invest in our people and systems to create value for our clients. It is the SkyePoint Way. We are grateful for the opportunity to work with exceptional people and give back to the communities we serve.

SkyePoint Decisions is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.