Join our Talent Network >

Penetration Tester

Job ID: 2015940
Location: FAIRMONT, WV, United States
Date Posted: Oct 9, 2020
Category: Cyber
Subcategory: Cyber Sec Analyst
Schedule: Full-time
Shift: Day Job
Travel: Yes, 10 % of the Time
Minimum Clearance Required: Secret
Clearance Level Must Be Able to Obtain: TS/SCI
Potential for Remote Work: Yes

Share: mail

Job Description

Description

SAIC is looking for a Penetration Tester responsible for developing and simulating real-life cyber attacks with the goal of helping organizations improve their security posture. This is a highly technical hands-on role that will utilize knowledge/experience in operating systems, system administration and creativity skills. It is an opportunity for a team player to enhance a world-class team and learn new skills.

• Conduct host/network/application penetration testing as a member of a technical team

• Perform full-scope penetration tests (discovery and exploitation of vulnerabilities) on live network infrastructure, services, Active Directory environments, and other systems/applications

• Able to test, identify and exploit trust, misconfigurations and vulnerabilities in live MS Active Directory environments without getting detected by advanced commercial security solutions

• Test the exploitation of security policies and access controls in restricted/secure environments (e.g. GPO bypass, privilege escalation and A/V evasion)

• Work extensively from the Windows and UNIX/Linux command line (e.g. Bash and PowerShell)

• Able to write scripts in PowerShell, bash and a preferred scripting language

• Research and formulate recommendations for vulnerabilities found during assessments

• Employ extensive use of Microsoft Office main tools: Word, Excel, PowerPoint and Visio to prepare plans, reports, diagrams, tables, briefings, etc.

• Be able to present, demonstrate, explain and document operational impact of a particular vulnerability or the combination of many vulnerabilities and flaws

• Develop proof-of-concept examples and scenarios for reports and live demonstrations

• Create/document tactic, techniques and procedures (TTP) to train and expand/share knowledge with customers and team members

Qualifications

TYPICAL EDUCATION AND EXPERIENCE: Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience.

Required Skills:

  • Conduct host/network/application penetration testing as a member of a technical team
  • Perform full-scope penetration tests (discovery and exploitation of vulnerabilities) on live network infrastructure services, Active Directory environments and other systems/applications
  • Able to test, identify and exploit trust, misconfigurations, and vulnerabilities in live MS Active Directory environments without getting detected by advanced commercial security solutions
  • Test the exploitation of security policies and access controls in restricted/secure environments e.g. GPO bypass, privilege escalation, and A/V evasion)
  • Work extensively from the Windows and UNIX/Linux command line (e.g. Bash and PowerShell)
  • Able to write scripts in PowerShell, Bash, and a preferred scripting language
  • Research and formulate recommendations for vulnerabilities found during assessments
  • Employ extensive use of Microsoft Office main tools:  Word, Excel< PowerPoint and Visio to prepare plans, reports, diagrams, tables, briefings, etc.
  • Able to present, demonstrate, explain, and document operational impact of a particular vulnerability or the combination of many vulnerabilities and flaws
  • Develop proof-of-concept examples and scenarios for reports and live demonstrations
  • Create/document tactics, techniques, and procedures (TTP) to train and expand/share knowledge with customers and team members

Preferred Skills:

  • Able to review, modify and develop programs or scripts in Assembly, C++, C#, VBS, Python, Perl, Ruby, PowerShell, Bash, JavaScript, Java, PHP and other languages to exploit systems/applications, analyze data, configure systems and automate tasks
  • Review custom applications source code for security flaws and vulnerabilities
  • Able to test, identify and exploit vulnerabilities in web applications without the use of scanning tools


Overview

SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.

Share: mail

Similar Jobs

Cyber Sec Analyst Principal

FAIRMONT, WV, United States
Cyber

Penetration Tester

FAIRMONT, WV, United States
Cyber

Cyber Sec Analyst Principal

FAIRMONT, WV, United States
Cyber