Penetration Tester

The Department of Defense (DoD) Cyber Crime Center (DC3) DoD-Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE) penetration testers conduct Adversary Emulation Tests (AETs) against DIB Partners' external and internal networks, upon request, associated with the processing of Covered Defense Information (CDI). These AETs assess the company's cybersecurity posture and network configurations and controls to identify vulnerabilities on DIB Partners' network infrastructures by leveraging adversarial tactics, techniques, and procedures (TTPs) in accordance with an established penetration testing framework.

* This is a temporary position through February 2025

* This position is mostly remote

Qualifications:

Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD (additional experience may be used in lieu of a degree)
• Secret clearance required (TS/SCI preferred)
• Experience and familiarity with the assessment methods defined in NIST SP 800-30 and NIST SP 800-53A
• Experience in drafting written reports
• Extensive experience in reviewing and examining data and information that supports cybersecurity assessments
• Experience in pen testing fundamentals
• Experience in Kali Linux and its toolsets, including Metasploit
• Experience in pen testing tools including scanners like Nessus and Nmap

A minimum of three years of the following experience:

• Performing authorized pen testing on enterprise networks;
  • gaining access to targeted networks;
  • applying expertise to enable new exploitation and maintaining access;
  • obeying appropriate laws and regulations;
  • providing infrastructure analysis;
  • performing analysis of physical and logical digital technologies;
  • conducting in-depth target and technical analysis;
  • creating exploitation strategies for identified vulnerabilities;
  • monitoring target networks; and
  • profiling network users or system administrators and their activities

Preferred: One or more nationally recognized information system auditing certifications

• OSEP (Offensive Security Experienced Penetration Tester)
• OSCP (Offensive Security Certified Professional)
• GXPN (GIAC Exploit Researcher and Advanced Penetration Tester)
• GPEN (GIAC Certified Penetration Tester)
• LPT (Licensed Penetration Tester)

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.