Job Description
ASRC Federal Broadleaf Division is actively hiring a Penetration Tester in support of our DCSA program based out of Quantico, VA. Remote flexibility available!
This is primarily a Telework position with a requirement to be onsite up to two (2) days a week.
ASRC Federal is seeking a Penetration Tester who will provide broad and in-depth knowledge to conduct offensive cyber operations across the organization. In this role, you will conduct offensive security operations that emulate adversary tactics and procedures to test preventative, detective, and response controls across the global technology landscape. You will use your expertise to help influence technology decisions and work as part of a team to create consistent approaches to offensive security processes and techniques.
BASIC QUALIFICATIONS:
Candidates should demonstrate a detailed knowledge of the following:
Conduct highly complex offensive security operations testing consistent with known adversary tactics, techniques, and procedures, and contribute to the development of objectives and approaches taken to remediate risk
Document security issues and impacts identified through offensive operations in a clear and concise manner to facilitate reporting to impacted stakeholders
Provide guidance and recommendations to stakeholders responsible for security remediation actions to close identified gaps and remediation validation testing
Consult with defensive operations teams on adversary tactics to guide and mature cyber defensive countermeasures
Experience in offensive security, with the ability to think like an adversary
Strong ability to identify and exploit security gaps/vulnerabilities on endpoint devices, applications, and networks
Strong experience in operating system and application security hardening and best practices
Strong investigative mindset with an attention to detail
Experience with multiple operating systems to include Windows, Mac OS, Unix/Linux, and mobile platforms
Experience conducting assessments for solutions consisting of a variety of technology stacks and architectural implementations, hosting providers, and tools, e.g., Rapid7 Nexpose, AppSpider Pro, Metasploit, or Cobalt Strike / Core Impact
Exposure and understanding of enterprise solutions from a functional and security perspective