Mid-Level Penetration Tester

Peraton is searching for a talented Mid-Level Penetration Tester to become part of Peraton’s Citizens Security & Public Services, State and Local Account. This position will be remote.

What you’ll do:

The Mid-Level Penetration Tester will be responsible for the following, but not limited to:

The successful candidate will perform vulnerability assessments and penetration testing following the customer’s prescribed scope statement. The ideal candidate must display familiarity with Windows and Linux Mobile operating systems and be able to conduct network and security vulnerability analysis.  Specifically, the candidate will analyze internal and external systems to help assess vulnerability to compromise from adversaries. The successful candidate must have prior experience with scope defined penetration testing using mainly open-source tools.

• Experience and familiarity with the assessment methods defined in NIST SP 800-30 Rev. 1 and NIST SP 800-53A Rev. 4 (interview, examine, and test)
• Penetrate desktops, servers, applications, operating systems, and security systems to gain root/admin access
• Provide black-box, grey-box, and white-box penetration testing using tools and techniques to conduct cybersecurity evaluations for highly specialized network communication systems
• Modify open-source exploits to bypass/evade antivirus, firewalls, hardened systems, and IDS/IPS systems
• Modify computer/system/network attacks, exploits, and Metasploit modules to create variations that evade detection
• Perform reconnaissance, privilege escalation persistence, lateral movement, and payload generation for multiple targets
• Hide digital artifacts and communications to evade antivirus, firewalls, IDS/IPS systems, Wireshark, and tcpdump
• Configure phishing and smishing environments to support social engineering testing
• Work independently to analyze, research, and solve technical problems
• Leverage existing business processes and document new repeatable business processes and procedures where necessary
• Research external information on cybersecurity events, incidents, threats, and technical vulnerabilities
• Presents categorize findings and remediation actions in detailed written reports, POA&M, and presentations to customers.

Basic Qualifications:

• Bachelor’s degree in Cybersecurity, Information Security, IT, Computer Engineering, Network Engineering, Computer Science, or Computer Forensics with 5+ years of experience or a High School Diploma/equivalent and 9 years of experience.
• Performing authorized penetration testing on enterprise networks
• Gaining access to targeted networks
• Applying expertise to enable new exploitation and maintaining access
• Obeying appropriate laws and regulations
• Providing infrastructure analysis
• Performing analysis of physical and logical digital technologies
• Conducting in-depth target and technical analysis
• Creating exploitation strategies for identified vulnerabilities
• Monitoring target networks; and
• Profiling network users or system administrators and their activities
• Experience with Tenable Nessus Pro, Kali Linux, BurpSuite, and Metasploit tools
• Experience with programming/scripting: Python, PowerShell, Ruby, C, JavaScript, etc.

Preferred Qualifications:

• MS degree in Computer Science, Engineering, Computer Forensics, Network Security, or equivalent technical experience
• 4 years of exploit development, computer/network security, or network traffic analysis using analytical tools
• Expert knowledge of networking components/devices and various OS/applications in Linux and Windows environments
• At least one of the following certifications
  • OSEP (Offensive Security Experienced Penetration Tester)
  • OSCP (Offensive Security Certified Professional)
  • GXPN (GIAC Exploit Researcher and Advanced Penetration Tester)
  • GPEN (GIAC Certified Penetration Tester)
  • LPT (Licensed Penetration Tester)

Benefits:

At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us daily. We’re fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.

Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our employees do the can’t be done, solving the most daunting challenges facing our customers.