Join our Talent Network >

Penetration Tester- Manager

Job ID: 2300661
Location: QUANTICO, VA, United States
Date Posted: Jan 25, 2023
Category: Cyber
Subcategory: Cybersecurity Ops
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: TS/SCI
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: No Remote
Benefits: Click here

Share: mail

Job Description

Description

SAIC is seeking a Penetration Test Manager (DoD Red Team Manager) to work onsite with our customer in Quantico, VA. This position supports the Marine Corps Cyberspace Operations Group (MCCOG) .

This position is contingent upon contract award. If awarded, work will begin in Fall 2023.

Job Description:

The Lead Penetration Tester will support ethical hacking and penetration testing consisting of operational network exploitation and cyber threat emulation targeting local area network and wide area network systems, aligned with the NIST 800-115.  The Government conducts approximately 10-15 full scale Red Team operations per year, 20 phishing assessments, and additional smaller missions as needed to assess new and emerging threats.  This support consists of the development of custom malware in support of targeted operations that range from two weeks in duration to operations that last approximately four to six weeks in duration.  These operations evaluate and assess the security posture of individual units both in garrison and deployed as well as assessments of the Government’s Enterprise Network.  

DoD Red Team Manager (Lead Penetration Tester) will support approximately 8 DOD cyber exercises per year as the cyberspace opposing force.  Capabilities required include wireless security exploitation, local and remote network exploitation, close access (physical security) penetration testing, user driven attacks (including phishing and social engineering), and long-term persistence operations.  Contractor staff will be expected to research and develop exploit code for test and evaluation of mitigation solutions, as well as develop and maintain custom applications (malware development) to ensure Command and Control during Red Team operations.  

DoD Red Team Manager will provide staff with programming experience (e.g., Python, Visual Basic .NET, C Sharp, and PowerShell) and familiarity with ethical hacking frameworks and utilities (e.g., the Kali Operating System, Metasploit, and Meterpreter).  Staff assigned to this task must meet the Government’s established qualification process and criteria as documented in the DoD Cyber Red Team Certification and Accreditation Handbook.  

Duties and Responsibilities:

  • All Red Team personnel must successfully complete the Government’s “Red Team Operator’s Course” and the Government’s “Red Team Operator Certification Program” in order to participate in Red Team operations as part of a National Security Agency (NSA) accredited DoD Cyberspace Red Team.
  • Conduct no-notice and cooperative Red Team assessments and operations.
  • Identify network and system vulnerabilities and misconfigurations likely to be executed by advanced adversaries through the use of threat intelligence and expert employment of emulated adversary tools.
  • Develop and submit detailed technical reports containing information about actions taken, findings, analysis and recommendations.  Reports must contain the information necessary to deconflict all adversary emulation actions well-after the mission is complete.  Technical Reports must be accurate and contain all data required for final reporting and deconfliction (CDRL A002).
  • Research existing exploit code and/or develop proof-of-concept or exploit code for test and evaluation of mitigation solutions. Develop and maintain custom applications (malware development) to support mission requirements to ensure Command and Control during Red Team operations.  The software produced must align with best practices established by USCYBERCOM.

Qualifications

Position Requirements:

  • Active TS/SCI Clearance
  • Bachelors and fourteen (14) years or more experience; Masters and twelve (12) years or more experience; PhD or JD and nine (9) years or more experience.
  • At least five (5) years of experience performing various assessments (penetrations tests of systems and networks within a DOD Network Environment of enclave.
  • At least five (5) years of experience developing and maintaining custom applications that exploit known system vulnerabilities or system misconfigurations to gain system command and control during red team operations.
  • DoDD 8570 IAT III Certification (i.e. CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP)
  • Possess DoDD 8570 CSSP Auditor certification

 


Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.

Overview

SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.

We are approximately 26,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity, and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.

Share: mail

Similar Jobs

Security Operations Center (SOC) Detection Manager

QUANTICO, VA, United States
Cyber

Cyber Defense Manager

QUANTICO, VA, United States
Cyber

Penetration Testing Manager - Web Applications

QUANTICO, VA, United States
Cyber

Penetration Tester- Manager

QUANTICO, VA, United States
Cyber

Are you an SAIC Employee?

Please apply through the internal career site here >