Cyber Security Engineer (Penetration Tester)
Remote
SkyePoint Decisions
SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider headquartered in Dulles, Virginia with operations across the U.S.SkyePoint Decisions, Inc. is seeking a highly motivated team member to fill the role of Penetration Tester to join our team supporting the Department of Education’s (DoED) Cybersecurity Federal Student Aid (FSA) and Privacy Support Services (CPSS) in Washington, DC. The cybersecurity risk management services support the CSO Information Security and Cyber Protection Program by providing a structured approach to integrating risk management and information security into the System Development Lifecycle (SDLC) of IT systems and services. These services also support Authorizing Officials (AOs), Authorizing Official Designated Representatives (AODRs), Common Control Provider (CCPs), and System Owners (SOs) to ensure security and privacy risks are managed through the Risk Management Framework (RMF). Cybersecurity defense, engineering, and IR provide the measures to protect and defend information and systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.
Responsibilities
- Perform Vulnerability Assessments Security/Penetration Testing Identity and Access Management (IdAM) Support
- Perform Penetration Testing consistent with DHS RVA standards, guidelines, and templates
- Perform internal and external Pentest against systems to determine vulnerabilities, provide actionable insights and offer mitigation strategies.
- Ensure that appropriate vulnerability and penetration tests are scheduled, conducted, analyzed, and presented to the system owner ad information systems security officer (ISSO)
- Perform web app penetration testing
- Perform cyber incident response as needed for programs
- Provide knowledge in computer and network
- Develop, research, and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption
Qualifications
- Must be able to obtain a DoED Level 6C High Risk/Public. Top Secret Clearance preferred.
- A Bachelor's degree in computer science or engineering, Cybersecurity, or IT from an accredited college and minimum of three years relevant experience
- Experience using penetration testing tools and techniques (Burp Suite, BloodHound, Responder, Pass-the-Hash)
- Experience with web app testing and network testing
- Use of social engineering techniques (e.g., phishing, baiting, tailgating, etc.)
- Using network analysis tools to identify vulnerabilities (e.g., fuzzing, nmap, etc.)
- At least three (3) years of concurrent experience supporting cybersecurity enterprise monitoring, vulnerability assessment, and penetration testing (i.e., testing tools, phishing, social engineering, cyberattacks) for the Federal Government
- At least three (3) years of experience supporting identity and access management for the Federal Government
- CISSP, CEH, GPEN or equivalent certification required
SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider headquartered in Dulles, Virginia with operations across the U.S. We provide innovative enterprise-wide solutions as well as targeted services addressing the complex challenges faced by our federal government clients. Our focus is on enabling our clients to most efficiently and effectively deliver their mission – anytime, anywhere, securely. We combine technical expertise, mission awareness, and an empowered workforce to produce meaningful results.
SkyePoint Decisions is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 (with SAM) for Services. We possess a common vision of excellence and foster a collaborative team culture built upon individual performance and accountability. We invest in our people and systems to create value for our clients. It is the SkyePoint Way. We are grateful for the opportunity to work with exceptional people and give back to the communities we serve.
SkyePoint Decisions is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.
Tags: Burp Suite CEH CISSP Clearance Computer Science Encryption GPEN Incident response Monitoring Nmap Pentesting Privacy Risk management SDLC Top Secret Top Secret Clearance Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs