Penetration Tester

Overview

CDT is looking for a Penetration Tester to support a government customer onsite in Chantilly, VA. Candidates with OSCP certification are highly recommended to apply.

An active Top Secret/SCI with CI poly is required. Candidates who do not meet these requirements will not be considered.

• Conduct penetration testing that uses both active and passive capabilities to expose and exploit IA vulnerabilities.
• Review and evaluate information systems and recommend changes to the Government that can improve information confidentiality, integrity and availability.
• Responsible for performing security focused services to improve security posture.
• Conduct test and evaluations of software, hardware, networks and applications.
• Reviews of the documents to ensure completeness and compliance with the RMF process, ICD 503 requirements, and/or other applicable regulations.

• High School Diploma/GED, Associates Degree and 5 years of relevant work experience.
• Bachelor's Degree and 3 years of relevant work experience.
• Experience in cyber security with a focus on red teaming, penetration testing, or threat hunting.

• Strong understanding of network protocols and troubleshooting, server and workstation operating systems, exploits and vulnerabilities.
• Strong working knowledge of common penetration tools, tactics, techniques, and procedures.
• Experience with cloud environments.
• Strong understanding of penetration testing methodologies (MITRE ATT&CK, OWASP).
• Ability to incorporate threat intelligence data into attached or penetration testing scenarios.
• Excellent problem solving and troubleshooting skills with a strong attention to detail.
• Ability to read/write code using interpreted languages (Python, PHP, Ruby, etc.).
• Experience with simulated/emulated environments and/or virtualization technologies.
• Experience with orchestration tools and virtualization environments (Docker, Kubernetes, etc.).
• Experience with industrial control systems deployment, security best practices, vulnerabilities, and penetration testing.
• ICD 503 and the Government's certification and accreditation process.
• Networks, computer components, system protocols, and COTS technology.
• System methodologies including: client/server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, MAN, LAN, switches, and routers.
• Software integration of COTS and Government Off-the-Shelf (GOTS) products.
• Windows, Linux, Unix, and Mac OS X administration.
• VMware, Xen, Hyper V and other virtualization platforms.
• Configuring and supporting Windows, Linux, Unix, Mac OS, and other operating systems, VMware, Xen, Hyper V and other virtualization platforms.
• Experience in Software engineering, program design and implementation, configuration management, system maintenance, integration testing, Information system engineering.
• System certification activities and efforts related to system certification and accreditation.
• Research, develop, and maintain knowledge of penetration testing tools, tactics, techniques, and procedures.
• Research, development, integration, and distribution of information systems security tools and associated documentation
• Security procedures for systems and software within area of expertise to ensure consistent security policy implementation.
• Experience in technical project management.
• Education relevant to computer engineering, information security, information management, cyber security, and/or computer science.

At CDT, we offer a collaborative and inclusive work environment where your expertise in Penetration Testing will help shape the future of cybersecurity and engineering solutions.

• Competitive salary based on experience.
• Comprehensive benefits package, including health, dental, and retirement plans.
• Opportunities for professional development and career advancement.

CDT is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity employer making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.

If you are a proactive Penetration Tester and thrive in dynamic environments, we encourage you to apply and join the CDT team!