Pen Tester Security Clearance

Position: Pen Tester with Security Clearance
Location: Annapolis Junction

Job Description As a global leader in advanced defense, security, and aerospace technologies, BAE Systems offers a dynamic and challenging work environment where innovation and expertise come together to make a real impact. By joining our team, you'll be part of a collaborative and agile organization that values cutting-edge skills, creativity, and passion for delivering exceptional results. We're seeking a highly skilled Lead Penetration Tester to join our high-performing agile team, utilizing the Scaled Agile Framework (SAFe) methodology, on a large and complex program focused on preventing, identifying, containing, and eradicating cyber threats.

As a Lead Penetration Tester, you'll play a critical role in ensuring the security of Enterprise-wide information systems, working closely with cyber Subject Matter Experts (SMEs) to provide support to a large, complex technical program.

Key Responsibilities
* Design and execute internal and external penetration tests to identify vulnerabilities and develop effective mitigation strategies

* Conduct web application penetration tests, vulnerability risk assessments, and physical penetration tests, as well as social engineering analysis

* Provide cyber incident response support as needed, evaluating the impact of new development on the operational security posture of IT systems

* Collaborate with development teams to enhance their understanding of various types of vulnerabilities, attack vectors, and remediation approaches

* Work closely with System Engineering, Test Engineering, and Integration teams to ensure hardware and software architecture and implementations meet strict security requirements

* Develop and enforce information systems security policies, standards, and methodologies, serving as a Subject Matter Expert in security architecture
What You'll Achieve
* Protect Enterprise-wide information systems from cyber threats, ensuring the security and integrity of sensitive data

* Develop and implement effective security measures, collaborating with cross-functional teams to drive innovation and excellence

* Enhance your skills and expertise in penetration testing, vulnerability assessment, and incident response, staying at the forefront of cybersecurity trends and best practices
#LI-PB2 Required Education, Experience, & Skills
* Must have experience with penetration testing tools.

* Must have experience in web development and programming languages such as Java, XML, Perl and HTML.

* Must have experience with programming/scripting in Python, Powershell, C, JavaScript, etc.

* Must have extensive experience performing IT security risk assessments.

* Must have experience performing web app and physical pentests.

* Must have experience with or strong familiarity of the following Web Application tools;
Burp Suite, Web Inspect, App detective.

* Must have experience with or strong familiarity of Kali.

* Must have experience with or strong familiarity of IPS/IDS solutions.

* Must have a strong understanding of the Cyber Kill Chain methodology.

* Must have experience applying Risk Management Framework.

* Must have experience with secure configurations of commonly used desktop and server operating systems.

* Must have the ability to effectively collaborate with technical staff and customers to form mitigation strategies and plan for continuous modernization and legacy integration.

* Must have experience managing multiple projects simultaneously and quickly and effectively adjusting to shifting priorities in resolving issues.

* Must possess a TS/SCI clearance with appropriate polygraph
MDOPS Preferred Education, Experience, & Skills

Preferred Qualifications
* Bachelor's degree in a technical/information assurance field and at least 12 years of relevant experience.

* Certifications in one or more of the following areas strongly preferred:

* GIAC Web Applications Penetration Tester (GWAPT)

* GIAC Penetration Tester (GPEN)

* Certified Ethical Hacker (CEH)

* Certified Information Security Manager (CISM)

* Certified Web Application Defender (GWEB)

* Certified Information System Security Professional (CISSP)

* Extensive experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.

* Extensive experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass development, design, and implementation. Pay Information
Full-Time Salary Range: $132962 - $226035

Please note:

This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.

Employee Benefits:

At BAE Systems, we support our employees in all aspects of their life,…